June 2009
BitDefender Finds Scammers Posing as Online Payment Services To Gain Personal Information from Victims
Stealth malware redirects browsers towards phony websites
BitDefender╝ researchers have found that scammers posing as online payment services continue to be one of the top ten most spoofed identities in the world of spam and phishing, according to BitDefender▓s latest E-Threats Landscape Report.
The latest phishing campaign targeting e-banking and e-payment customers features several malicious components. First, the unsolicited message that disseminates the malware purports to deliver the ultimate Open Source Antivirus Solution, asking users to visit a Web page where they can download the product.
However, upon clicking the link, the user does not receive the promised security suite, but a fake executable √ setup.exe √ which is, in effect, a self-extracting archive. Its purpose is to replace the content of C:\WINDOWS\System32\drivers\etc and to alter the Web browser▓s behavior, by automatically loading maliciously crafted pages for phishing purposes of PayPal, Abbey and Halifax.
Each time the user types the address belonging to one of these financial institutions, he or she is automatically redirected towards the fake pages. Here, the log-in credentials (user name, password, security code) and other sensitive data (first and last name, complete home and e-mail address, credit card number, expiration date, Card Verification Code, and even PIN) are pilfered using PHP scripts. All other menu options available on each page redirect the user towards the appropriate sections of the genuine Web site.
The analysis revealed that the bogus Web pages load from domains registered in China and Korea.
⌠The current economic turmoil inevitably led to the proliferation of e-crime phenomena,■ said Vlad VБlceanu, Head of BitDefender Antispam Research. ⌠The latest trends BitDefender observed reveal several alarming aspects: first, since the beginning of this year, the scams and phishing schemes followed an ascendant curve. Second, the complexity and aggressiveness of raids and attacks have dramatically increased. Lastly, the number of victims followed the same growing pattern. Along with paying close attention to the e-mails they receive, it is important for computer users to have a reliable security solution installed onto their systems in order to prevent future attacks.■
BitDefender▓s E-Threats Landscape Report provides an overview of the security threats landscape over the last six months and takes a look at what lies ahead in 2009.
To stay up-to-date on the latest e-threats, sign-up for BitDefender▓s RSS feeds.
About Bitdefender®
Bitdefender is the creator of one of the world's fastest and most effective lines of internationally certified internet security software.Since 2001, the company has been an industry pioneer, introducing and developing award-winning protection. Today, Bitdefender technology secures the digital experience of around 400 million home and corporate users across the globe.
Recently, the company has won a range of key independent recommendations in the US, UK and across Europe, including ConsumerSearch, Which?, Stiftung Warentest and Taenk. Bitdefender antivirus technology has also finished top in leading industry tests from both AV Test and AV-Comparatives. More information about Bitdefender's antivirus products is available from the company's security solutions press room. Additionally, Bitdefender publishes Malware City providing the latest updates on security threats and helping users stay informed in the everyday battle against malware.