Sunday, September 25, 2005

Phishers set sights on AOL users

"Hapless" is so apropos.

René Millman writes in SC Magazine:

Phishers are targeting hapless AOL users in an attempt to steal personal information and credit card details, according to Websense Security Labs.

A phishing email claiming to come from AOL's security department is being sent to subscribers telling them the company suffered a security breach over the weekend and that personal information had been compromised.

The email also asks users to log onto a website to download a fake "security patch", in order to "protect their information".

"Failure to download this security patch in the next 48 hours will result in the temporary suspension of your America Online account," said the spoof message. "At this point we will send you a Security Patch CD in the mail. Upon installing it, your account will be reactivated."

If a user clicks on the link, they get redirected to a website hosted in Scotland which downloads a piece of malware, named patch.scr, written in Visual Basic and using Yoda Crypt.

Once the file is executed, it asks user to disclose confidential account and billing information, including their account limit. This information is then sent in a text file via FTP to an account at a hosting facility.

0 Comments:

Post a Comment

<< Home