Cyber crooks fake electronic greetings cards


Cyber crooks fake electronic greetings cards

Tash Shifrin

A gang of cyber criminals is using fake Yahoo electronic greetings cards to infect thousands of users with keylogger malware, security experts have warned.

Researchers at Exploit Prevention Labs warned that criminals operating in Australia were sending the keyloggers via fake e-mail greetings cards and using them to steal credit card numbers, bank account user names and passwords and other confidential information.

The attacks have hit account holders at nearly every Australian bank, although the total number of affected users was unclear, Exploit Prevention Labs said.

Roger Thompson, Exploit Prevention Labs’ chief technology officer, warned, “The card appears to come through one of the major eCard companies, so it is assumed to be safe, despite the user not recognising the sender’s name on the card.

“The user clicks the link to view the card, which doesn’t tell you who it’s really from, so they just close it and continue with whatever they were doing before. Unfortunately, what’s actually happened is that a rootkit has been delivered to the user’s PC before they even pick up the card.”

The security firm said it had also uncovered evidence of attacks by the eCard spammers targeting users in Europe, North America and Asia, and spoofing electronic greetings cards from a variety of providers.

Vote for your IT greats

Who have been the most influential people in IT in the past 40 years? The greatest organisations? The best hardware and software technologies? As part of Computer Weekly’s 40th anniversary celebrations, we are asking our readers who and what has really made a difference?

Vote now at:

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy