New Facebook Attack Targets E-Cash Users

. What's this?

By Ellen Messmer

January 18, 2012Network World — Security firm Trusteer Wednesday said it's identified a new browser-based malware attack against Facebook users that's aimed at stealing money through e-cash payment system Ukash.

TRICKERY: Social engineering attacks on the enterprise are trending upwards

Amit Klein, CTO at Trusteer, says this new variant on the Carberp Trojan tries to steal money by tricking victims into divulging payment information for the Ukash electronic voucher payment system.

According to Trusteer, the Carberp botnet malware works by replacing any Facebook page the user navigates to with a fake page that then tells the victim that the Facebook account is "temporarily locked," asking for personal information, such as name, e-mail, date of birth, password and a Ukash 20 Euro (about $25) voucher number to "confirm verification" of their identity and unlock the account.

This fake Facebook page then claims the cash voucher will be "added to the user's main Facebook account balance." This scam, says Klein, is the first spotted so far related to Facebook and the Ukash payment system, and Facebook users should recognize it and be wary if they see it.

"You should always be suspicious of odd or unconventional requests," Klein says.

Read more about wide area network in Network World's Wide Area Network section.

Originally published on www.networkworld.com. Click here to read the original story.
What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
RESOURCE CENTER