E-cards used in data-thieving scam ...


muckshifter

I'm not weird, I'm a limited edition.
Moderator
Joined
Mar 5, 2002
Messages
25,662
Reaction score
1,158
E-cards used in data-thieving scam
By Joris Evers

Cybercrooks are using e-cards that appear to come from a secret admirer in a scam to collect sensitive personal information, a security expert has warned.
Data including credit card numbers, online banking credentials, and log-in names and passwords of thousands of individuals from Australia and the U.S. has already been collected in the scam, Roger Thompson, chief technology officer at security software maker Exploit Prevention Labs, said in an interview Wednesday.

The attacks involve e-mail messages that at first glance appear to be greeting cards from services like Yahoo or Blue Mountain, Thompson said. Clicking on the link to view the card, however, first sends the target to a malicious Web site that tries to silently install software that logs the user's keystrokes, he said. After that the card is displayed.

"It is really quick, nobody notices it," he said. "Unless you actually look at the source of the e-mail and say, 'Hang on, this is a redirect,' you wouldn't actually see it."

The miscreants use a flaw in Microsoft's Windows operating system to drop the spy software and a rootkit to hide it on PCs, Thompson said. Windows users who have installed the MS06-014 patch, released in May, are not vulnerable to this particular silent drive-by installation of malicious software.

The attacks appear to have started in April with a new wave of malicious e-mail messages sent out every week. Each week the attackers appear to collect a 200MB file with freshly capture information from a server, Thompson said. He was able to identify the server and reported the matter to Australian and U.S. authorities, he said.

So far, Exploit Prevention Labs has been able to identify that customers at nearly every Australian bank were compromised, it said in a statement. The cybercrooks have also targeted individuals in North America, Europe and Asia using a variety of e-card services, the company said.
:rolleyes:

It is getting to the point where, clicking on anything will give you an infection. :rolleyes:


user.gif
 
Ad

Advertisements

Ian

Administrator
Joined
Feb 23, 2002
Messages
19,750
Reaction score
1,411
muckshifter said:
It is getting to the point where, clicking on anything will give you an infection.

You're right there :mad: Why on earth to people do such things?! I wish there was a larger online crime unit to deal with these things, but the problem is they are a global problem :(
 
Ad

Advertisements

Joined
Aug 20, 2005
Messages
1,597
Reaction score
0
I wonder if these hacking people would stop what they are doing, if we just ignore them all together and carry on with our lives....
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top