Malware Attempts to Sniff Financial Details from Internet Users in Spain
Security researchers have identified another banking malware, which attempts to steal confidential financial details related to the targeted victims. The malware identified as TROJ_BANLOD.QSPN by security researchers at Trend Micro. The Trojan downloads a spyware called TSPY_BANCOS.QSPN, which connects to sites containing links to compromised websites. The malware arrives through spam e-mails that pretend to be arriving from National Police of Spain.
The spyware looks for web addresses of Spain based financial institutions. When the users of the compromised computers visit the above-mentioned legitimate sites, they spyware presents a malicious page. The fake sites contain data similar to that on the genuine site of the financial institutions. Once users enter the requisite financial information as well as the card verification code, the malware transmits the collected information to a designated e-mail address. The malware is more likely to affect users of Internet Explorer and Firefox. TROJ_BANLOD.QSPN may download on computer systems on visit to a malicious site, without user’s knowledge. E-learning and online university degree programs allow IT professionals to abreast themselves of latest security threats and preventive mechanisms.
The latest malware follows a recent detection of ZitMo Trojan that targets Android mobile operating systems. Internet users must be cautious of e-mails that appear to arrive from investigative agencies and financial institutions. They must avoid downloading attachments from e-mails containing suspicious or irrelevant content. They must also avoid replying to and downloading attachment from e-mails containing lot of spelling mistakes. Trend Micro has warned against similar threats in other countries as well as through other channels such as e-mails, social media sites and web search results.
Users, whose systems are affected by the malware must run a complete scan of the system through anti-virus software, change the passwords of the online banking accounts as well as also those accounts wherein they are using similar credentials. Users must use update Internet browsers at regular intervals to enhance their defenses against security threats. They must avoid arbitrary disclosure of e-mail addresses on online sites to avoid spam e-mails. Google has recently introduced a new feature to alert computer users on possible malware infection that intercepts connection to websites. Adherence to security advisories posted by Internet security experts may help users in incorporating best online practices. Webinars, e-tutorials, online degree and training programs may also help users in improving online computing practices.
Cybercriminals also use banking malware to target professionals working in banking and financial institutions. Last year, members of LinkedIn associated with banking companies were targets of Bugat financial Trojan. Hiring professionals qualified in masters of security science may improve security practices in the organization.
Contact Press
EC-Council
Website: http://www.eccuni.us
Email: iclass@eccouncil.org
Tel: 505-341-3228
EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.
Processing your request, Please wait....
