Financial hackers attacking Visa/MasterCard users with fake 3-D Secure logins

15 July 2010

Criminal hackers are using more advanced methods of trying to extract users' card credentials, the latest attack vector being malware that launches a fake Visa/MasterCard 3-D Secure screen.

3-D Secure - branded as Verified by Visa and MasterCard SecureCode - is widely used as a means of authenticating online purchases using a pre-determined passphrase known only to the cardholder.

As users move to the transaction page with an online merchant, the merchant's payment provider opens an extensible code window to the card issuer's systems to request the 3-D Secure passphrase from the cardholder.

To use the service, online card users are asked to enrol in the programme, typically when they have made three online purchases with their new card.

A fake version of this enrolment window is what the malware - actually a variant of the Zeus family - presents to the user, illegally requesting their credentials.

According to Trusteer, the secure browsing specialist, after users have initiated a secure online banking session, the Zeus Trojan injects a fake enrolment screen into the browser, illegally requesting credentials from the user.

The information gathered by Zeus is then used by fraudsters to commit 'card not present' transactions with retailers that employ Verified by Visa and SecureCode protection.

This stolen data, says Trusteer, allows criminals to impersonate their victims and register with these programs to ensure fraudulent transactions escape normal fraud detection systems.

Amit Klein, the firm's CTO and head of research, said that this attack uses the familiar Visa and MasterCard online fraud prevention programs to make the request appear legitimate.

"Fortunately, online banking customers protected by Trusteer Rapport are not vulnerable to this attack since it blocks HTML injection and prevents Zeus from presenting the fraudulent enrolment request", he said.

The Rapport web browser plug-in, Infosecurity notes, is available as a free download for e-banking customers of several UK banks, notably HSBC, NatWest, RBS and Santander.
