Trusteer researchers have discovered a peer-to-peer (P2P) variant of the Zeus platform that targets users of Google, Yahoo, Hotmail, Facebook in order to steal their credit card data.
The scams exploit the trust relationship between users and these well-known service providers, as well as the Visa and MasterCard brands.
When targeting the facebook users, the attackers use a web inject to present the victim with a fraudulent 20% cash back offer by linking their Visa or MasterCard debit card to their Facebook account. The scam claims that after registering their card information, the victim will earn cash back when they purchase Facebook points. The fake web form prompts the victim to enter their debit card number, expiration date, security code, and PIN.
The attacks against Google Mail, Hotmail and Yahoo users, Zeus offers an allegedly new way of authenticating to the 3D Secure service offered by the Verified by Visa and MasterCard SecureCode programs.
The scam that targets Google Mail and Yahoo users claims that by linking their debit card to their web mail accounts all future 3D Secure authentication will be performed through Google Checkout and Yahoo Checkout respectively. The fraudsters allege that by participating in the program the victim’s debit card account will be protected from fraud in the future. The victim is prompted to enter their debit card number, expiration date, security code, and PIN.
The Hotmail scheme is somewhat similar, the potential victims being informed of the fact that “Windows Live Inc” is concerned about their security, offering a “100% secure, fast and easy” method of preventing fraud by linking the account to the debit card.
This attack is a clever example of how fraudsters are using trusted brands – social network/email service providers and debit card providers – to get victim’s to put down their guard and surrender their debit card information.
These webinjects are well crafted both from a visual and content perspective, making it difficult to identify them as a fraud. It’s also ironic how in the Google Mail, Hotmail and Yahoo scams, the fraudsters are using the fear of the very cybercrime they are committing to prey on their victims.
The scams exploit the trust relationship between users and these well-known service providers, as well as the Visa and MasterCard brands.
When targeting the facebook users, the attackers use a web inject to present the victim with a fraudulent 20% cash back offer by linking their Visa or MasterCard debit card to their Facebook account. The scam claims that after registering their card information, the victim will earn cash back when they purchase Facebook points. The fake web form prompts the victim to enter their debit card number, expiration date, security code, and PIN.
The attacks against Google Mail, Hotmail and Yahoo users, Zeus offers an allegedly new way of authenticating to the 3D Secure service offered by the Verified by Visa and MasterCard SecureCode programs.
The scam that targets Google Mail and Yahoo users claims that by linking their debit card to their web mail accounts all future 3D Secure authentication will be performed through Google Checkout and Yahoo Checkout respectively. The fraudsters allege that by participating in the program the victim’s debit card account will be protected from fraud in the future. The victim is prompted to enter their debit card number, expiration date, security code, and PIN.
The Hotmail scheme is somewhat similar, the potential victims being informed of the fact that “Windows Live Inc” is concerned about their security, offering a “100% secure, fast and easy” method of preventing fraud by linking the account to the debit card.
This attack is a clever example of how fraudsters are using trusted brands – social network/email service providers and debit card providers – to get victim’s to put down their guard and surrender their debit card information.
These webinjects are well crafted both from a visual and content perspective, making it difficult to identify them as a fraud. It’s also ironic how in the Google Mail, Hotmail and Yahoo scams, the fraudsters are using the fear of the very cybercrime they are committing to prey on their victims.