Man-in-the-middle attack uses social engineering to get Macy's, Nordstrom account holders to reveal sensitive information

As holiday shoppers take advantage of the convenience of online shopping, a Zeus botnet is targeting credit-card account holders who shop at several major US retailers, including Macy’s and Nordstrom.

Researchers with security firm Trusteer captured and analyzed malware samples designed to steal credit card information, probably in order to conduct card-not-present (CNP) fraud, said Amit Klein of Trusteer in a blog post. The attack is using a Zeus 2.1.0.8 botnet, which is the latest and most sophisticated version of the Zeus malware platform, according to Klein.

CNP fraud takes place in transactions where a credit card is not physically present at the point of sale, as in an internet, mail or phone purchase. In this particular attack, the social engineering begins after an infected user logs on to one of the targeted retailers' card services websites. The botnet then displays a man-in-the-middle-style pop-up that says: “In order to provide you with extra security, we occasionally need to ask for additional information when you access your account online. Please enter the information below to continue.” In the pop-up window, the user is asked to enter several pieces of sensitive information, such as Social Security number and mother’s maiden name.

“Merchants and card issuers invest a great deal in backend technologies for detecting fraudulent transactions. These systems represent an important security layer, however the increase in malware and phishing attacks that specifically target card information is making them less effective,” Klein said.

A recent report from security firm PhoneFactor found Zeus-like attacks pose the greatest threat to online banking today.
The survey asked approximately 70 financial services professionals about the threats currently facing online banking, what banks are doing to protect their customers and perceptions about the role security plays in customer loyalty. More than half, 51 percent, of respondents said real-time attacks from online banking trojans such as Zeus were the most pressing threat they face. Password phishing and pharming were a distant second, with 24 percent of respondents indicating password attacks are the greatest threat to online banking.