
Latest scam blends phishing, spam and hacking tools…
By Andy McCue
Published: 13 August 2004 15:00 BST
Police are warning internet users about 'Trojan' emails containing links to malicious websites that can steal sensitive information such as PINs and password log-ins from vulnerable PCs.
The UK's National Hi-Tech Crime Unit (NHTCU) said the spam emails contain details of a fictitious order for web hosting or computer goods and display the cost that will supposedly be charged to their credit card.
The email also contains a link to a website to view the order in more detail but if people click on the link, it takes them to a malicious website that allows hackers to steal data from their PC.
The user is presented with a site that appears to be under construction but an exploit for a security flaw in Microsoft's Internet Explorer browser allows the criminals to plant a key-logging Trojan on an unpatched PC. The hackers can then record the victim's log-ins, passwords and PINs for online banking accounts the next time they use them.
In addition, the Trojan compromises the machine, giving the attacker full remote access, which allows them to control the computer for other purposes.
Police have traced the malicious websites to North America and China and the NHTCU is working with the banking industry to shut them down.
Users are urged to download the latest Microsoft security patches for the well-publicised flaws in IE to protect themselves against the scam.
Detective Chief Superintendent Len Hynds, Head of the NHTCU said in a statement: "The criminals behind these attacks are constantly evolving their techniques and changing tactics to target a wider range of victims. With this range of exploits being blended in one piece of code, it is not just about online banking. There is a second key-logger and a program that allows the machine to act as a mail proxy that could be used by spammers. It is the Swiss Army knife of the cyber-criminal."
Where does it all end ! Every second of the day th...
Billy the Kid
Yes, exactly, the "whole Internet thing", is so fl...
Anonymous
The Internet is unfolding and evolving the way it ...
Nick Lansley
Answer .. Dont use Internet Explorer or get the se...
hcgrant
I get more then a little fed up with all these rep...
Jason Broomfield
Design and development of websites, banners and html emails HTML and CSS including cross-browser compatibility issues We are recruiting for a ...
Ideally experience of MySql and Apache configuration and maintenance on a Linux machine. Working as part of a multidisciplinary team to produce ...
You'll design HTML emails and liaise with their design agency to ensure work meets the timescales given. You'll be responsible for the maintenance of ...
Agenda Setters 2008
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Naked CIO Naked CIO: Should you monitor staff? Somebody's watching you
Elinor Mills Why 1970s hackers had 'whiz kid' status Q&A: Kevin Mitnick - blackhat hacker turned good guy