The notorious ZeuS banking Trojan is showing off a new trick: Popping up on infected computers with a fake enrollment screen for the "Verified By Visa" or "MasterCard SecureCode Security" programs.
The Zeus Trojan, with its ever-growing capability to steal financial information and execute unauthorized funds transfers, has recently been seen attacking banking customers on infected machines by displaying a fake "Verified by Visa" enrollment screen, or its MasterCard counterpart SecureCode, trying to lure victims into a fraudulent online enrollment action that would end up giving criminals their sensitive financial data.
"When you log into your bank, it says you have to enroll in Verified by Visa, that it’s regulated now and you have to do it," explains Mickey Boodaei, CEO at Trusteer, a security firm that makes software specifically designed for use by banks and their customers to deter malware of this kind.
The remotely controlled ZeuS botnet, used by criminal organizations, infects PCs, waits for the victim to log onto a list of targeted banks or financial institutions, and uses various ruses to steal credentials or execute unauthorized funds transfers.
This newer attack with utterly fake Verified by Visa and MasterCard SecureCode is designed to trick banking customers into giving over their personal identification numbers, Social Security number, credit and debit card number with expiration date, and more, Boodaei says.. "We are investigating ZeuS so we encounter new variants," he says.
Visa describes its Verified by Visa program as going beyond the already existing fraud detection it provides with "an extra layer of security at the point where you enter credit-card information online. The service helps prevent unauthorized online use before it happens by confirming your identity with an additional password."
Those who think they have seen these fake Visa and MasterCard screens on their PC should do what they can to disinfect their machine and contact their bank, Boodaei advises.