If you don’t have enough to worry about, here’s a new malware warning. A new strain of Zeus malware puts Facebook and Gmail users at high risk for cybercrime. This new variant steals credit card information by posing as the typical login pages for Facebook and Gmail and then asking users to enter credit card credentials.
Security firm ThreatMetrix identified this strain as a new variant of the peer-to-peer (P2P) version of the notorious Zeus Trojan.
It poses intensified risk for Facebook and Gmail users due to its unusually cunning behavior, catching victims off-guard by waiting to attack until after a website’s login page appears to be functioning normally.
After the user logs in, fraudulent pages appear personalized with the victim’s information and request credit card information, posing as genuine assets of Facebook or Gmail.
“Today’s cybercriminals are rapidly evolving to surpass some of the most advanced malware and cybercrime automatic detection routines,” said Andreas Baumhof, chief technology officer, ThreatMetrix.
“Recently, social media platforms have taken to monetizing their sites. Facebook now has Facebook Credits, while Google’s Checkout is widely used by many online vendors. Online businesses need to take the proper steps to protect their users from these attacks.”
ThreatMetrix tracked this strain of attacks on sites like Facebook and Gmail, formulating a list of common scams consumers need to be aware of:
- “Transferring Facebook Credits to your bank account is now available!”
- “Earn up to 20 percent cash back purchasing Facebook Credits with your MasterCard or Visa debit card.”
- “Link your debit card right now with your Google Mail account to pay simply and securely at more than 3,000 stores online.”
For more information on the new strain of Zeus Malware, ThreatMetrix Labs reports are available at http://threatmetrix.com/resource-center/threatmetrix-labs-reports/.
Join Twitter, Reddit, Google, Cheezburger, Huffington Post, StumbleUpon and many more at the Dallas Digital Summit on December 4-5. – Dallas Digital Summit 2012