CSO — A new Zeus P2P malware variant discovered last week by security vendor Trusteer is attempting to scam users of some of the Internet’s most popular and trusted brands — Facebook, Google Mail, Hotmail and Yahoo — with promises of rebates and new security measures.
Slideshow: The Future of Malware
In a blog post, Trusteer CTO Amit Klein ays the scams “exploit the trust relationship between users and these well-known service providers, as well as the Visa and MasterCard brands, to steal users’ debit card data.”
As usual, the fraudsters try to trick users into providing confidential financial information: debit card number, expiration date, security code, and PIN. On Facebook, a web inject offers a 20-percent cash back offer by linking a Visa or MasterCard debit card to their account.
What is unique about this one, Klein writes, is that “in the attacks against Google Mail, Hotmail and Yahoo users, Zeus offers an allegedly new way of authenticating to the 3D Secure service offered by the Verified by Visa and MasterCard SecureCode programs.”
Trusteer’s director of product marketing, Oren Kedem, says while web injects are common, this is the first time he has seen a scam try to use 3D Secure. “Many customers are familiar with it,” he says, “and it has become so trustworthy that victims could see it as a plausible approach.”
In this case, the lure is convenience. Victims are told that if they link their debit card to their web mail accounts, “all future 3D Secure authentication will be performed through Google Checkout and Yahoo Checkout respectively,” and, of course, that they will be protected from fraud in the future, by providing their confidential information. The Hotmail attack is similar.
Users are “reassured” that, “Your Debit Card pin is ONLY used for verification purposes. It activates CashBack option. Never disclose your Debit PIN to anyone, including family and friends. Your Debit PIN is confidential and is for your use online.”
Kedem says he does not know how many people have fallen for the scam, “but since this is a version of Zeus, which is the No. 1 malware out there and since just about everybody uses one of these services, there is a large number of targets.” He says Trusteer has notified the companies of the new variant.
Kedem says the most common way to get infected with the Zeus malware is by “drive-by” download - simply by visiting a website with the malware present. It then takes over the user’s browser when one of the targeted sites, like Facebook, is visited. He says users should take the usual precautions with any unsolicited offer they see online that asks for confidential information.
The content on your website never confuses me
ReplyDeleteunsecured loans online
I'm planar by your table make up the superior production.
ReplyDeleteapply payday loans