Zeus P2P Variant Exploits Trusted Brands to Steal Debit Card Data
May 2012 by Trusteer
Trusteer recently discovered a series of attacks being carried out by a P2P variant of the Zeus platform against some of the internet’s leading online services and websites. The attacks are targeting users of Facebook, Google Mail, Hotmail and Yahoo – offering rebates and new security measures. The scams exploit the trust relationship between users and these well-known service providers, as well as the Visa and MasterCard brands, to steal users’ debit card data.
In the first attack against Facebook, the malware uses a web inject to present the victim with a fraudulent 20% cash back offer by linking their Visa or MasterCard debit card to their Facebook account. The scam claims that after registering their card information, the victim will earn cash back when they purchase Facebook points. The fake web form prompts the victim to enter their debit card number, expiration date, security code, and PIN.