Home  |  Products  |  Security Alerts  |  Reviews  |  Media Room  |  Updates  |  Help

Bank Data Seized In E-card Scam

By Joris Evers 

Cyber crooks are using e-cards that appear to come from a secret admirer in a scam to collect sensitive personal information, a security expert has warned

Cyber crooks are using e-cards that appear to come from a secret admirer in a scam to collect sensitive personal information, a security expert has warned.

Data including credit card numbers, online banking credentials, and login names and passwords of thousands of individuals from Australia and the US has already been collected in the scam, Roger Thompson, chief technology officer at security software maker Exploit Prevention Labs, said in an interview on Wednesday.

The attacks involve email messages that at first glance appear to be greeting cards from services such as Blue Mountain or Yahoo!, Thompson said. Clicking on the link to view the card, however, first sends the target to a malicious website that tries to silently install keylogger software, he said. After that the card is displayed.

He said: "It is really quick, nobody notices it. Unless you actually look at the source of the email and say, 'hang on, this is a redirect', you wouldn't actually see it."
The miscreants use a flaw in Microsoft's Windows operating system to drop the spy software and a rootkit to hide it on PCs, Thompson said. Windows users who have installed the MS06-014 patch, released in May, are not vulnerable to this particular silent drive-by installation of malicious software.

The attacks appear to have started in April with a new wave of malicious email messages sent out every week. Each week the attackers appear to collect a 200MB file with freshly captured information from a server, Thompson said. He was able to identify the server and reported the matter to Australian and US authorities, he said.

So far, Exploit Prevention Labs has been able to identify that customers at nearly every Australian bank were compromised, it said in a statement. The cyber crooks have also targeted individuals in Asia, Europe and North America using a variety of e-card services, the company said.

Joris Evers writes for CNET News.com



Stay Protected With An Additional Layer Of Security With SpyCop!

Don't wait for some snoopy criminal or even a curious family member to get one of the hundreds of freely available spy software programs and SPY ON YOU... Get protected with SpyCop, the ONLY product on the market that can do the job.

If Your Current Anti-Spyware Software Detects ANY Commercial Spy Program That SpyCop Doesn't, I Will Personally Give Your Money Back! I Guarantee SpyCop Has The Largest Commercial Spy Database On The Planet!

You have nothing to lose and your computer privacy to gain...

Click Here To See Our List Of Products That Will Protect You!

Company  |  Affiliates  |  Privacy  |  Contact Us