An IT security product firm has described a new malware attack, that is designed to steal money from computer users’ bank accounts while posing as an $699.99 credit card charge from Apple iTunes. At first glance, recipients may find the malicious emails quite realistic as they use Apple’s logos and formatting to appear like a genuine emailed receipt from the company.
Users concerned about the unexpected charge are likely to click on one of the links contained in the email, and will then be taken to an unrelated webpage proclaiming to be the IRS, which silently uses the notorious Blackhole malware kit to exploit known vulnerabilities in Java, Adobe Flash Player and Adobe Reader.
If any of these are successful, it infects the computer with the Zeus/ZBot Trojan. Worse still, if none of the exploits work, visitors are told to download a more “up to date” version of their browsers that contains a copy of the Zeus banking Trojan horse.
The end result is that users’ Windows computers are infected by malware that can log keystrokes and compromise bank accounts.
“It is always a bad idea to click on links in unsolicited emails without thinking, but we may be more likely to do so when we think we are being charged a hefty amount of money for a product we haven’t ordered,” said Graham Cluley, senior technology consultant at Sophos. “Don’t do it. Instead, users should go to the website of the company in question, or call the number on the back of your card or billing statement to find out the truth.”
“This is especially important advice at this time of year, as we typically see increased criminal activity during the Christmas season. Be on your guard,” continued Cluley.
For more information, visit Sophos’s Naked Security site at: http://nakedsecurity.sophos.com/2012/11/23/fake-apple-invoices-lead-to-black-hole
