Peter Dinham
Wednesday, 10 June 2009 14:39
The proliferation of financial scams and the growth in e-crime are very much part and parcel of the current, grim economic downturn, according to BitDefender’s antispam research head honcho, Vlad Vâlceanu, who says the latest phishing campaign targeting e-banking and e-payment customers features several malicious components.
Here’s how Vâlceanu says the scam works, and what you should be looking out for to avoid being scammed:
• First, the unsolicited message that disseminates the malware purports to deliver the ultimate ‘open source antivirus solution’, asking users to visit a webpage where they can download the product.
• However, upon clicking the link, the user does not receive the promised security suite, but a fake executable – setup.exe – which is, in effect, a self-extracting archive. Its purpose is to replace the content of C:\WINDOWS\System32\drivers\etc and to alter the web browser’s behaviour, by automatically loading meticulously crafted pages of PayPal and other financial institutions for phishing purposes.
• Each time the user types the address belonging to one of these portals, he or she is automatically redirected towards the fake pages. Here, the log-in credentials (user name, password, security code) and other sensitive data (first and last name, complete home and e-mail address, credit card number, expiration date, Card Verification Code, and even PIN) are pilfered using PHP scripts.
Vâlceanu adds that BitDefender’s analysis has revealed that the bogus web pages load from domains registered in China and Korea.
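The redirection described in the steps above relies on the hosts file, which Windows keeps in C:\WINDOWS\System32\drivers\etc and consults before DNS. The check below is an added example, not part of the original article or of BitDefender’s analysis: it lists hosts-file entries that pin a watched domain to an address. The watched list, the examplebank.test placeholder and the sample file contents are constructed for illustration.

```python
import ipaddress
import sys

# Domains to watch. paypal.com is named in the article; examplebank.test is a
# placeholder (assumption) for any other institution you want to cover.
WATCHED = ("paypal.com", "examplebank.test")

# Constructed sample of a tampered hosts file (documentation-range addresses).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
203.0.113.45    www.paypal.com paypal.com   # constructed redirect entry
198.51.100.7    WWW.ExampleBank.test
0.0.0.0         ads.tracker.test
127.0.0.1       paypal.com.evil.test
not-an-ip       paypal.com
"""

def is_watched(host, watched=WATCHED):
    """True if host is a watched domain or a subdomain of one (suffix match)."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in watched)

def suspicious_entries(text, watched=WATCHED):
    """Return (line number, address, hostname) for each watched name pinned in text."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # malformed line, not a usable entry
        # A clean hosts file has no entry for a bank or payment site, so any
        # address (even loopback) mapped to a watched name is worth a look.
        for host in fields[1:]:
            if is_watched(host, watched):
                findings.append((lineno, str(addr), host.lower()))
    return findings

if __name__ == "__main__":
    # Pass the real file, e.g. C:\WINDOWS\System32\drivers\etc\hosts, as argument 1.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_HOSTS
    for lineno, addr, host in suspicious_entries(text):
        print(f"line {lineno}: {host} -> {addr}")
```

Run without arguments it scans the constructed sample; on a workstation, pass the path of the hosts file to audit.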