24 September 2017
visit www.avoka.com

Cyber fraudsters steal bank data in e-card scam

22 September 2006  |  10058 views  |  0 ID Fraud

Online security services firm Exploit Prevention Labs (EPL) is warning of a new phishing scam in which fraudsters use e-cards to infect computers with malicious keylogger malware which is then used to steal personal financial data.

EPL says it has uncovered a major cyber criminal ring operating in Australia using what appear on the surface to be Yahoo Greetings e-cards.

Personal data including credit card numbers, bank accounts and passwords has already been stolen from thousands of people in Australia and the US.

The attacks involve spam e-mail messages that appear to be greeting cards sent by one of the major e-card companies. But recipients who click on the link to view the card are sent to a malicious Web site that checks to see if the user's Web browser has been patched for the latest software vulnerabilities. If it's unpatched, the server silently force-downloads a rootkit and a keylogger onto the PC before redirecting the web browser to an authentic Yahoo Greetings card.

Roger Thompson, CTO, ELP says researchers have also discovered further evidence that malicious e-card spammers have expanded operations beyond Australia and Yahoo Greetings, with confirmed targets in North America, Europe and Asia using a variety of e-card suppliers.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Barclays subject to massive phishing attack

Barclays subject to massive phishing attack

13 September 2006  |  8216 views  |  0 comments
FFIEC guidance deadline will lead to surge in phishing, warns US regulator

FFIEC guidance deadline will lead to surge in phishing, warns US regulator

11 September 2006  |  7395 views  |  0 comments
Bank of Ireland compensates phishing victims

Bank of Ireland compensates phishing victims

05 September 2006  |  9248 views  |  0 comments
Canadian phishers in pump-and-dump probe

Canadian phishers in pump-and-dump probe

29 August 2006  |  7818 views  |  0 comments
PayPal and eBay customers top targets for phishers

PayPal and eBay customers top targets for phishers

01 August 2006  |  9889 views  |  0 comments
Man-in-the-middle attacks Citi authentication system

Man-in-the-middle attacks Citi authentication system

12 July 2006  |  19294 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
visit www.vasco.comvisit www.sibos.comvisit www.temenos.com

Top topics

Most viewed Most shared
HSBC switches on selfie payments in ChinaHSBC switches on selfie payments in China
13317 views comments | 28 tweets | 44 linkedin
AXA launches blockchain to cover late flight compensationAXA launches blockchain to cover late flig...
9576 views comments | 13 tweets | 28 linkedin
Apple P2P payments service nears launchApple P2P payments service nears launch
8567 views comments | 19 tweets | 27 linkedin
SBI Ripple Asia advances on South KoreaSBI Ripple Asia advances on South Korea
8270 views comments | 16 tweets | 1 linkedin
European Commission makes fintech a priority in supervisory shakeupEuropean Commission makes fintech a priori...
8037 views comments | 32 tweets | 45 linkedin

Featured job

Competitive
New York, NY - USA (some flexibility on location)

Find your next job