26 May 2017
Book a meeting today

Cyber fraudsters steal bank data in e-card scam

22 September 2006  |  9947 views  |  0 ID Fraud

Online security services firm Exploit Prevention Labs (EPL) is warning of a new phishing scam in which fraudsters use e-cards to infect computers with malicious keylogger malware which is then used to steal personal financial data.

EPL says it has uncovered a major cyber criminal ring operating in Australia using what appear on the surface to be Yahoo Greetings e-cards.

Personal data including credit card numbers, bank accounts and passwords has already been stolen from thousands of people in Australia and the US.

The attacks involve spam e-mail messages that appear to be greeting cards sent by one of the major e-card companies. But recipients who click on the link to view the card are sent to a malicious Web site that checks to see if the user's Web browser has been patched for the latest software vulnerabilities. If it's unpatched, the server silently force-downloads a rootkit and a keylogger onto the PC before redirecting the web browser to an authentic Yahoo Greetings card.

Roger Thompson, CTO, ELP says researchers have also discovered further evidence that malicious e-card spammers have expanded operations beyond Australia and Yahoo Greetings, with confirmed targets in North America, Europe and Asia using a variety of e-card suppliers.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Barclays subject to massive phishing attack

Barclays subject to massive phishing attack

13 September 2006  |  8128 views  |  0 comments
FFIEC guidance deadline will lead to surge in phishing, warns US regulator

FFIEC guidance deadline will lead to surge in phishing, warns US regulator

11 September 2006  |  7278 views  |  0 comments
Bank of Ireland compensates phishing victims

Bank of Ireland compensates phishing victims

05 September 2006  |  9143 views  |  0 comments
Canadian phishers in pump-and-dump probe

Canadian phishers in pump-and-dump probe

29 August 2006  |  7694 views  |  0 comments
PayPal and eBay customers top targets for phishers

PayPal and eBay customers top targets for phishers

01 August 2006  |  9340 views  |  0 comments
Man-in-the-middle attacks Citi authentication system

Man-in-the-middle attacks Citi authentication system

12 July 2006  |  19099 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
visit www.response.ncr.comvisit www.niceactimize.comvisit www.events.sap.com

Top topics

Most viewed Most shared
BBVA launches Open API marketplaceBBVA launches Open API marketplace
11750 views comments | 49 tweets | 77 linkedin
Bank/fintech collaboration can take transaction banking to new heightsBank/fintech collaboration can take transa...
7260 views comments | 12 tweets | 24 linkedin
TransferWise launches multi-currency business bank accountsTransferWise launches multi-currency busin...
6027 views comments | 12 tweets | 20 linkedin
Enterprise Ethereum Alliance triples in sizeEnterprise Ethereum Alliance triples in si...
5980 views comments | 15 tweets | 17 linkedin

Featured job

Six Figure Base + Commission + Stock Options
London

Find your next job