You Are Here: Home » E-Threats » Alerts » UK and US customers of PayPal

UK and US customers of PayPal





st1:*{behavior:url(#ieooui) }

/* Style Definitions */
{mso-style-name:”Table Normal”;
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-fareast-font-family:”Times New Roman”;
mso-bidi-font-family:”Times New Roman”;

The latest phishing campaign targeting e-banking and
e-payment customers features several malicious components. First, the
unsolicited message that disseminates the malware purports to deliver the
ultimate Open Source Antivirus Solution, asking the users to visit a Web page
where they can download the product.


However, upon clicking the link, the user does not receive
the promised security suite, but a fake executable – setup.exe – which is, in effect, a self-extracting archive. Its
purpose is to replace the content of C:WINDOWSSystem32driversetc
and to alter the Web browser’s behavior, by automatically loading maliciously
crafted pages for phishing purposes of PayPal, Abbey and Halifax.

Each time the user types in his or her browser the address
belonging to one of these financial institutions, he or she is automatically
redirected towards the fake pages. Here, the log in credentials (user name,
password, security code) and other sensitive data (first and last name,
complete home and e-mail address, credit card number, expiration date, Card
Verification Code, and even PIN) are pilfered using PHP scripts. All other menu
options available on each page redirect the user towards the appropriate sections
of the genuine Web site. The analysis revealed that the bogus Web pages load
from domains registered in China
and Korea.


Rogue 2


Rogue 3


Rogue 4

About The Author

With a humanities passion – and background (BA and MA in Comparative Literature at the Faculty of Letters, University of Bucharest) – complemented by an avid interest for the IT world and its stunning evolution, I joined in the autumn of 2003 the chief editors’ team from Niculescu Publishing House, as IT&C Chief Editor, where (among many other things) I coordinated the Romanian version of the well-known SAMS Teach Yourself in 24 Hours series. In 2005 I accepted two new challenges and became Junior Lecturer at the Faculty of Letters (to quote U2 – "A Sort of Homecoming") and Lead Technical Writer at BluePhoenix Solutions. After leaving from BluePhoenix in 2008, I rediscovered "all that technical jazz" with the E-Threat Analysis and Communication Team at BitDefender, the creator of one of the industry's fastest and most effective lines of internationally certified security software. Here I produce a wide range of IT&C security-related content, from malware, spam and phishing alerts to technical whitepapers and press releases. Every now and then, I enjoy scrutinizing the convolutions of e-criminals' "not-so-beautiful mind" and, in counterpart, the new defensive trends throughout posts on Balancing the keen and until late in night (please read "early morning") reading (fiction and comparative literature studies mostly) with Internet "addiction", the genuine zeal for my bright and fervid students with the craze for the latest discoveries in science and technology, I also enjoy taking not very usual pictures (I’m not a pro, but if you want to see the world through my lenses, here are some samples, messing around with DTP programs to put out some nifty book layouts and wacky t-shirts, roaming the world (I can hardly wait to come back in the Big Apple), and last but not least, driving my small Korean car throughout the intricacies of our metropolis’s traffic.

Number of Entries : 106

Leave a Comment

© 2012 Powered By Bitdefender

Scroll to top