18 February 2018
Visit www.avoka.com

Cyber fraudsters steal bank data in e-card scam

22 September 2006  |  10130 views  |  0 ID Fraud

Online security services firm Exploit Prevention Labs (EPL) is warning of a new phishing scam in which fraudsters use e-cards to infect computers with malicious keylogger malware which is then used to steal personal financial data.

EPL says it has uncovered a major cyber criminal ring operating in Australia using what appear on the surface to be Yahoo Greetings e-cards.

Personal data including credit card numbers, bank accounts and passwords has already been stolen from thousands of people in Australia and the US.

The attacks involve spam e-mail messages that appear to be greeting cards sent by one of the major e-card companies. But recipients who click on the link to view the card are sent to a malicious Web site that checks to see if the user's Web browser has been patched for the latest software vulnerabilities. If it's unpatched, the server silently force-downloads a rootkit and a keylogger onto the PC before redirecting the web browser to an authentic Yahoo Greetings card.

Roger Thompson, CTO, ELP says researchers have also discovered further evidence that malicious e-card spammers have expanded operations beyond Australia and Yahoo Greetings, with confirmed targets in North America, Europe and Asia using a variety of e-card suppliers.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Barclays subject to massive phishing attack

Barclays subject to massive phishing attack

13 September 2006  |  8280 views  |  0 comments
FFIEC guidance deadline will lead to surge in phishing, warns US regulator

FFIEC guidance deadline will lead to surge in phishing, warns US regulator

11 September 2006  |  7464 views  |  0 comments
Bank of Ireland compensates phishing victims

Bank of Ireland compensates phishing victims

05 September 2006  |  9304 views  |  0 comments
Canadian phishers in pump-and-dump probe

Canadian phishers in pump-and-dump probe

29 August 2006  |  7892 views  |  0 comments
PayPal and eBay customers top targets for phishers

PayPal and eBay customers top targets for phishers

01 August 2006  |  9960 views  |  0 comments
Man-in-the-middle attacks Citi authentication system

Man-in-the-middle attacks Citi authentication system

12 July 2006  |  19402 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
visit www.swift.com/your-needs/instant-paymentsvisit www.ebaday.comvisit www.nextgenbanking.co.uk

Who is commenting?

Top topics

Most viewed Most shared
Saudi central bank provides sandbox for banks to try out Ripple techSaudi central bank provides sandbox for ba...
10822 views comments | 16 tweets | 11 linkedin
Aussie real-time payments platform goes liveAussie real-time payments platform goes li...
8446 views comments | 15 tweets | 42 linkedin
ECB launches staunch defence of cashECB launches staunch defence of cash
8198 views 10 comments | 21 tweets | 26 linkedin
hands typing furiouslyHow can Blockchain Help with AML KYC
7900 views 3 | 9 tweets | 6 linkedin

Featured job

Competitive base + commission (double OTE)
London, UK

Find your next job