Beware: ZeuS Malware Steals Your Banking Info via Fake Login Pages

bill-swift - July 11, 2012

All cyber criminals are sneaky, but perhaps phishers are the sneakiest of them all. That's because they set up fake websites that look like real ones for the sole purpose of stealing users' personal information. They then use this information to hack into social media accounts and email inboxes to gain access to where the money is, including bank and PayPal accounts.

Some deploy malware to carry out their misdeeds, like the ZeuS malware. ZeuS has been around for a while now, but security experts at ThreatMetrix and the United Kingdom's Action Fraud are warning users about a new variant of the malware that's currently making the rounds.

This juiced-up version of ZeuS is as sneaky as the Trojan's authors. Users will find themselves visiting the real log-in page of a site, such as Facebook or Gmail. But once the user logs in, they are presented with a fake log-in form that asks for their credit card information.

Facebook is one example. Once a user is logged in to the social networking site, they are informed that they need to link their profile with a valid credit card so that they can get Facebook credits faster.

What puts social media websites, financial institutions, online retailers, and payment processors at such high risk with this particular variant of the Zeus Trojan is that all of the fraudulent pages and windows described in the report appear legitimate to most users.

-- Andreas Baumhof, CTO at ThreatMetrix

This new ZeuS variant has been detected in campaigns targeting credit card companies from the UK, US, Canada, Italy, Germany, Australia, and the Middle East.

Pages include the branding and messaging typical to each of the industries the cybercriminals are targeting. They are even personalized with the victim's name. To protect users and customers, all of these industries must realize how sophisticated today's cybercriminals are and take proper steps to prevent these attacks.

-- Andreas Baumhof, CTO at ThreatMetrix
