Phishing For Your Money

A new trojan tries to dupe users into supplying their financial information in order to empty their bank accounts.

information Staff, Contributor

January 16, 2004


A new trojan that's an offshoot of a recently discovered Internet worm is attempting to empty PC users' bank accounts by duping them into disclosing personal information, an anti-virus company said Friday.

Mmdload-A apparently was distributed through a mass mailing in an attempt to trick people into downloading the recently discovered MiMail-N worm, Sophos Plc said.

The trojan is the latest looking to gather PC users' personal financial data, so that "the bad guys can completely drain their bank accounts," said Chris Belthoff, a senior security analyst at Sophos.

Mmdload arrives as a zipped attachment in an E-mail that carries the same subject line and text as the MiMail worm. The message offers recipients the chance of winning cash, which will be deposited directly in their bank accounts, if they fill out the attached form.

Clicking on the attachment launches a program named Paypal.exe that contacts a Russian Web site, www.aquarium-fish.ru, to download the MiMail worm. The Web site is the same one used by MiMail to send completed forms disguised as coming from PayPal, an online payment service.

Besides displaying the forms asking for financial information, the worm also sends copies of the trojan and its attachment to E-mail addresses it steals from the infected PC.

To defend against Mmdload and other malicious code, Sophos recommends companies consider blocking all programs at the E-mail gateway. For most businesses, it's rare for employees to receive a legitimate program from the outside via E-mail.

To catch the latest trojan, however, the gateways would also have to scan incoming zip files for executables.

"Companies using applications that only scan for executables based on extensions won't catch this because it's in a zip file," Belthoff said. "But if you can scan inside a zip file, which more and more people are doing, you should be able to stop this right at the gateway."
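The gateway check described above, looking inside zip attachments instead of trusting the attachment's extension, as an added Python example that is not from the article or from Sophos. The blocked-extension list, nesting limit, size cap and sample message are constructed assumptions, and flagging by `MZ` header, nested archives and encrypted members goes beyond what the article states.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

BLOCKED_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")  # assumed policy list
MAX_DEPTH = 3  # assumed limit on nested archives

def scan_zip(data, depth=0):
    """Return reasons to block a zip archive; an empty list means no finding."""
    if depth > MAX_DEPTH:
        return ["archive nesting too deep"]
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return ["unreadable zip"]  # fail closed: it cannot be inspected
    hits = []
    for info in zf.infolist():
        if info.flag_bits & 0x1:  # encrypted member cannot be inspected
            hits.append(f"{info.filename}: encrypted")
            continue
        with zf.open(info) as fh:
            head = fh.read(4)
            if head[:2] == b"MZ" or info.filename.lower().endswith(BLOCKED_EXT):
                hits.append(f"{info.filename}: executable")
            elif head == b"PK\x03\x04":  # zip inside the zip, read with an assumed size cap
                hits += scan_zip(head + fh.read(10_000_000), depth + 1)
    return hits

def scan_message(raw):
    """Scan every named attachment of a raw RFC 822 message."""
    hits = []
    for part in message_from_bytes(raw).walk():
        name, payload = part.get_filename(), part.get_payload(decode=True)
        if not name or payload is None:
            continue
        if payload[:2] == b"MZ" or name.lower().endswith(BLOCKED_EXT):
            hits.append(f"{name}: executable")
        elif zipfile.is_zipfile(io.BytesIO(payload)):
            hits += scan_zip(payload)
    return hits

def build_sample(member_name, member_bytes):  # constructed test message, one zipped attachment
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, member_bytes)
    msg = EmailMessage()
    msg.set_content("constructed body")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="form.zip")
    return msg.as_bytes()
```

A gateway would quarantine any message for which `scan_message` returns a non-empty list.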

Nevertheless, educating PC users remains crucial to avoiding infection. "End users need to be educated not to respond to these messages," Belthoff said.
