I just read this in the Haval Daar security newsletter:
American Express has issued a warning about what it calls a false security
measures pop-up screen that appears when users log in to its secure site.
The credit card and travel services company posted an alert on its website
about the pop-up which tries to lure the user into entering name, social
security number, mother's maiden name and date of birth. The company has
further stated that the pop-up is the not result of a compromise of its
website. Rather, it appears to be caused by a virus residing on the user's
machine. Researchers tracking malicious Internet activity say the fake
pop-up is a classic example of a banking Trojan targeting specific financial
institutions. Such Trojans are usually spammed as attachments or URLs to
malicious Web sites and stealthily infect unpatched computers running
without anti-virus protection.
related:
http://www.eweek.com/article2/0,1895,1955288,00.asp
http://www10.americanexpress.com/sif/cda/page/0,1641,24381,00.asp
I haven't heard of this before - pretty clever.
Dain White
Senior Developer / Webmaster
First Step Internet - www.fsr.com
208-882-8869 ext. 440
-------------------------------------------------------------------------
Sponsored by: Watchfire
The Twelve Most Common Application-level Hack Attacks
Hackers continue to add billions to the cost of doing business online
despite security executives' efforts to prevent malicious attacks. This
whitepaper identifies the most common methods of attacks that we have seen,
and outlines a guideline for developing secure web applications.
Download this whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701300000007t9r
--------------------------------------------------------------------------
