WARNING: Zeus Trojan Using Facebook Login Pages As Bait To Target Credit-Card Info

By David Cohen 

The Zeus Trojan is on the prowl again, hungry for credit-card information and other personal data, and Facebook is being used as the bait.

ThreatMetrix reported that a new variant of the peer-to-peer version of Zeus Trojan has been luring Facebook users with a seemingly authentic login page, but once users enter their credentials, fraudulent pages request credit-card information, with common scams including offers to link debit cards to Facebook accounts in order to easily transfer Facebook Credits, or to earn 20 percent cash back by linking debit cards with Facebook.

Google is being dangled as bait, as well, with offers to join a new processing system created jointly with Verified by Visa, MasterCard SecureCode, and Google Checkout, or to link debit cards to Google accounts in order to shop safely and securely.

ThreatMetrix Chief Technology Officer Andreas Baumhof said:

Today’s cyber-criminals are rapidly evolving to surpass some of the most advanced malware and cyber-crime automatic detection routines. The latest Zeus variant catches victims off-guard by waiting to attack until after a website’s login page appears to be functioning normally. After the victim logs in, the Zeus Trojan attempts to steal confidential information.

What puts social media websites, financial institutions, online retailers, and payment processors at such high risk with this particular variant of the Zeus Trojan is that all of the fraudulent pages and windows described in the report appear legitimate to most users. Pages include the branding and messaging typical to each of the industries the cyber-criminals are targeting. They are even personalized with the victim’s name. To protect users and customers, all of these industries must realize how sophisticated today’s cyber-criminals are and take proper steps to prevent these attacks.

Readers: Have you come across any fishy authentic-looking Facebook pages?