28 July 2017
visit www.avoka.com

Cyber fraudsters steal bank data in e-card scam

22 September 2006  |  10003 views  |  0 ID Fraud

Online security services firm Exploit Prevention Labs (EPL) is warning of a new phishing scam in which fraudsters use e-cards to infect computers with malicious keylogger malware which is then used to steal personal financial data.

EPL says it has uncovered a major cyber criminal ring operating in Australia using what appear on the surface to be Yahoo Greetings e-cards.

Personal data including credit card numbers, bank accounts and passwords has already been stolen from thousands of people in Australia and the US.

The attacks involve spam e-mail messages that appear to be greeting cards sent by one of the major e-card companies. But recipients who click on the link to view the card are sent to a malicious Web site that checks to see if the user's Web browser has been patched for the latest software vulnerabilities. If it's unpatched, the server silently force-downloads a rootkit and a keylogger onto the PC before redirecting the web browser to an authentic Yahoo Greetings card.

Roger Thompson, CTO, ELP says researchers have also discovered further evidence that malicious e-card spammers have expanded operations beyond Australia and Yahoo Greetings, with confirmed targets in North America, Europe and Asia using a variety of e-card suppliers.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Barclays subject to massive phishing attack

Barclays subject to massive phishing attack

13 September 2006  |  8169 views  |  0 comments
FFIEC guidance deadline will lead to surge in phishing, warns US regulator

FFIEC guidance deadline will lead to surge in phishing, warns US regulator

11 September 2006  |  7331 views  |  0 comments
Bank of Ireland compensates phishing victims

Bank of Ireland compensates phishing victims

05 September 2006  |  9189 views  |  0 comments
Canadian phishers in pump-and-dump probe

Canadian phishers in pump-and-dump probe

29 August 2006  |  7752 views  |  0 comments
PayPal and eBay customers top targets for phishers

PayPal and eBay customers top targets for phishers

01 August 2006  |  9389 views  |  0 comments
Man-in-the-middle attacks Citi authentication system

Man-in-the-middle attacks Citi authentication system

12 July 2006  |  19183 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
visit www.worldpaymentsreport.comvisit www.www.fisglobal.comdownload the paper now

Top topics

Most viewed Most shared
US firm to implant employees with RFID chipsUS firm to implant employees with RFID chi...
9708 views 16 comments | 33 tweets | 38 linkedin
hands typing furiouslyHow automation can help transform the fina...
8350 views 0 | 6 tweets | 2 linkedin
Santander looks to smooth fintech integration with BiBoxSantander looks to smooth fintech integrat...
7519 views comments | 16 tweets | 15 linkedin
hands typing furiouslySWIFT Blockchain POC: enhanced cross-borde...
7105 views 1 | 4 tweets | 14 linkedin
UniCredit confirms data breachUniCredit confirms data breach
6648 views comments | 11 tweets | 16 linkedin

Featured job

Competitive base, bonus, benefits
London or South-East, UK

Find your next job