Zbot Exploits MasterCard and Visa and Anti-fraud Programs


Recommended Posts

Zbot Exploits MasterCard and Visa and Anti-fraud Programs

Users tricked by fake enrollment forms

Security researchers warn that a new Zbot trojan variant attempts to trick users into exposing their card details by mimicking the enrollment forms for the Verified by Visa and MasterCard SecureCode security programs.

Verified by Visa and MasterCard SecureCode are anti-fraud services, which prevent the abuse of stolen credit card details. They allow cardholders to generate an unique password, which is then required to successfully complete online credit card transactions.

Users can be prompted to opt-in and generate their unique secure codes, if they haven't already, while shopping on the websites of merchants participating in the programs. Unfortunately, this is exactly the type of behavior that cyber crooks behind a new Zbot variant are trying to take advantage of.

According to researchers from security vendor Trusteer, who analyzed this attack, the trojan injects a page masquerading as the official Verified by Visa and MasterCard SecureCode enrollment screens into the browser, when the users initiates a secure transaction. This page asks for a wealth of information, including Social Security number, card number, card expiration date, CVV2 code, ATM PIN, and the secure password required by the programs to serve as additional verification.

Details & screenshot - http://news.softpedi...ms-147684.shtml

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...