Internet fraudsters posing as a bank has been phishing for donations for the New Zealand paralympics team for the Athens games in August.
New Zealand bank Westpac is the official sponsor for the paralympians and there is a legitimate request for donations, which can be seen on the bank's website.
The last of the two files is a variant of the Bizex trojan horse, according to Nick FitzGerald, an antivirus researcher and consultant in Christchurch. Bizex contains what's known as a keylogger, a small application that surreptitiously keeps track of what users type, such as users' credit card numbers as they type them in to make the donations.
This means the scammers need not set up bogus sites to obtain people's credit card numbers, directing the victims instead to the correct payments processor and the donation would be made. The card numbers could then be used by the scammers.
Craig Hobbs, the executive director of New Zealand's Paralympics team, expressed disgust and concern at the scam.
"It's hard enough as it is to get people to donate without these things coming along and creating suspicion."
Hobbs said that using the internet and postal campaigns for donations was attractive for the New Zealand Paralympians as it can reach many people cheaply.
The US website is still up and, apart from the Westpac scam, the site contains ads for credit card "skimmers" (hand-held magnetic strip readers) and dubious-sounding online money transfer systems.
Juha Saarinen writes for Computerworld New Zealand Online