28 March 2017
visit nextgenbanking.co.uk

Cyber fraudsters steal bank data in e-card scam

22 September 2006  |  9903 views  |  0 ID Fraud

Online security services firm Exploit Prevention Labs (EPL) is warning of a new phishing scam in which fraudsters use e-cards to infect computers with malicious keylogger malware which is then used to steal personal financial data.

EPL says it has uncovered a major cyber criminal ring operating in Australia using what appear on the surface to be Yahoo Greetings e-cards.

Personal data including credit card numbers, bank accounts and passwords has already been stolen from thousands of people in Australia and the US.

The attacks involve spam e-mail messages that appear to be greeting cards sent by one of the major e-card companies. But recipients who click on the link to view the card are sent to a malicious Web site that checks to see if the user's Web browser has been patched for the latest software vulnerabilities. If it's unpatched, the server silently force-downloads a rootkit and a keylogger onto the PC before redirecting the web browser to an authentic Yahoo Greetings card.

Roger Thompson, CTO, ELP says researchers have also discovered further evidence that malicious e-card spammers have expanded operations beyond Australia and Yahoo Greetings, with confirmed targets in North America, Europe and Asia using a variety of e-card suppliers.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Barclays subject to massive phishing attack

Barclays subject to massive phishing attack

13 September 2006  |  8081 views  |  0 comments
FFIEC guidance deadline will lead to surge in phishing, warns US regulator

FFIEC guidance deadline will lead to surge in phishing, warns US regulator

11 September 2006  |  7232 views  |  0 comments
Bank of Ireland compensates phishing victims

Bank of Ireland compensates phishing victims

05 September 2006  |  9097 views  |  0 comments
Canadian phishers in pump-and-dump probe

Canadian phishers in pump-and-dump probe

29 August 2006  |  7611 views  |  0 comments
PayPal and eBay customers top targets for phishers

PayPal and eBay customers top targets for phishers

01 August 2006  |  9299 views  |  0 comments
Man-in-the-middle attacks Citi authentication system

Man-in-the-middle attacks Citi authentication system

12 July 2006  |  19032 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
Visit capgemini.comvisit abe-eba.eu

Top topics

Most viewed Most shared
French retailer Carrefour launches online bank accountFrench retailer Carrefour launches online...
57659 views comments | 17 tweets | 36 linkedin
European Commission opens public consultation on fintechEuropean Commission opens public consultat...
11238 views comments | 47 tweets | 28 linkedin
MAS to roll out national KYC utility for SingaporeMAS to roll out national KYC utility for S...
11098 views comments | 33 tweets | 44 linkedin
hands typing furiouslyTwo key technologies driving Machine Learn...
7950 views 0 | 15 tweets | 3 linkedin

Featured job

Six Figure Base + Commission + Stock Options
London

Find your next job