Banks Aim to Secure Customers' PCs

(Page 2 of 2)

  • Monday, March 22, 2010
  • By Robert Lemos

Because consumers are not generally responsible for losses to their accounts due to fraud, banks are increasingly taking steps to secure their customers' systems as well as their own. "Banks are realizing that the human at the end is the weak link," says Steve Surdu, vice president of professional services at security and forensics firm Mandiant. "By having their customers attached to their systems, they are introducing weakness."

Many banks already analyze transactions for patterns that suggest fraud. Some require that customers put additional security on their PCs. For example, Trusteer sells a secure add-on for browsers, known as Rapport, that banks can give customers to help secure online transactions.

Flashlight allows banks to gather information on their customers following an incident of fraud without ever having to send an investigator. Since the browser is the portal that online banking customers use to access their financial institution, Flashlight focuses its effort there. The program uses remote forensics to find changes to the browser program running in memory, any malicious files that may have been added, and changes in the way the browser communicates with other programs. It submits its findings back to Trusteer, which creates a report for the bank on which, if any, rogue software was running on the user's computer.

"This is a process the banks can follow with each fraud event that they have," Trusteer's Boodaei says. "They can have an up-to-date view of their fraud losses."

In early testing, Flashlight discovered that nearly 95 percent of all bank losses in the United Kingdom were caused by three Trojans: the Zeus program; a U.K.-specific program known as Silon; and Yaludle. Trusteer does not have as many customers in the U.S., so it could not provide data on U.S. trends.

Providing remote forensics as a service "is a clever move," says Mikko Hypponen, chief research officer for antivirus firm F-Secure. Most antivirus companies have support tools that allow technicians to collect information about infected users' systems. Microsoft provides a forensics package to law enforcement known as the Computer Online Forensics Evidence Extractor.

Hypponen agrees that banks will increasingly demand that consumers secure their systems more tightly. Cybersecurity is largely about defending your systems better than other targets, he says. "You don't have to have perfect security," he says. "You have to have better security than the other banks."
