Police have foiled an audacious attempt by criminal hackers to steal £220 million from a Japanese banking group in the City, it emerged today.

A high-tech crime ring planned to use "keylogging" technology - which records every keystroke typed into computers - to gain access to Sumitomo's systems in London and transfer money electronically to ten bank accounts around the world.

But the bank's own security officers discovered the breach last October and called in the National High-Tech Crime Unit (NHTCU), which, according to a source familiar with the investigation, monitored them until arrests could be made. "They strung them along," the source said.

If the heist had been successful, it would have been Britain's biggest ever bank theft, easily dwarfing last year's £26 million Northern Bank raid in Belfast. Experts said that it would also have been the world's biggest cybercrime.

News of the attempted theft appeared in today's Financial Times after the arrest yesterday of an Israeli man whose business account had been the intended recipient of €20 million (£13.9m). The NHTCU declined to comment on the case today, although sources close to the organisation said further arrests were expected in the coming days.

Police in Israel identified the man arrested as 32-year-old Yaron Bolondi. He appeared at a Tel Aviv court this morning charged with attempted money laundering and deception and was remanded in custody for a week.

Ian MacKinnon, Times correspondent in Jerusalem, said two that officers from the NHTCU were in Israel to help the Israeli police conduct their investigation.

Keylogging uses relatively simple spyware to monitor all the keystrokes made on a computer terminal and then transmits that information to the hacker by e-mail. The software can be bought commercially for under $20 and is used by employers to track employees or individuals to track the computer usage of spouses or children.

More sophisticated versions of the software are used by security services as they try to monitor organised crime or terrorist groups. The FBI's version is known as Magic Lantern.

In the wrong hands, however, keylogging is an increasingly dangerous criminal tool. It does not rely, like "phishing", on enticing a user to enter valuable information in a rogue website. Instead it effectively looks over a user's shoulder as he or she enters legitimate details into a legitimate website.

It was not clear how the thieves managed to install the keylogging software on Sumitomo's computers. One source suggested that they had managed to gain physical access to the machines, although experts said it could have been done remotely.

Takashi Morita, head of communications at Sumitomo in Tokyo, said that the company had not suffered any financial loss as a consequence of the robbery attempt.

He said: "The case is still in the middle of investigation so we cannot comment further. We have undertaken various measures in terms of security and we have not suffered any financial damage."

Yurong Lin, CEO of Deepnet Technologies, a British firm that is developing an internet browser that will warn users of any attempt to log their keystrokes, said the attempted theft from Sumitomo was "huge". Mr Lin said that home PC users were also at risk from the technology, even if they had common anti-virus protection. "Protecting yourself against keylogging is very difficult because it works in the background," he said.

"The main thing is that you never download anything from a website unless it's a site that you really trust. After that, we advise that you go and install some anti-keylogging software. That won't give you 100 per cent protection, but it will help a lot."

Gary Clark, head of European operations the for US internet security firm SafeNet, said a major problem was that many companies were still relying on password protection instead of "two-factor authentication" using something physical like a smart card or USB token that can help generate a unique access code.

"From our point of view, we would be asking serious questions about what kind of authentication the bank had in place," he added.

One of the best known cases of "keylogging" theft was by a New York man who stole personal information from 450 people in 2003 after installing software in Kinko's copier shops.

Others include the theft of the source code for the computer game Half-Life 2 in 2003 and the targeting of customers of the eBay auction site. There have even been reports of American college students planting spyware on their professors' computers to find out exam questions in advance.

David Sherwin, an international fraud investigator with Ernst & Young, said today: "The problem is around the technology. It's had a huge impact on how companies conduct their business - global access, connectivity and sharing have never been easier.

"Unfortunately, the same technology has also made fraud easier and more anonymous than ever before and the technically literate criminal with the right tools can do a lot of damage."

One US expert, Richard Stiennon of Colorado-based Webroot Software, told Times Online that he believed UK banks had already lost hundreds of millions of pounds to hackers using keystroke logging software to steal login information. He added: "Going after internal machines is the motherlode for a hacker."

Explore UK News

• Crime News

• Education News

• Health News

• Science News

• Scotland News

Times Recommends

• Infertile couples to be made an NHS priority
• Sharp fall in number of GCSE entries
• Britain has more pensioners than children