ID Theft pop-ups target American Express web site
American Express has alerted its customers about a Pop-up Message that appears while you try to access the actual website of the credit card firm. Experts at MicroWorld Technologies observe that this sophisticated trick can fool even the computer savvy.
This popup is caused by a Trojan and it appears only on infected computers. A press release from American Express says that the Pop-up box appears with a message that reads, “We are currently performing regular maintenance of our security measures. Please fill in the correct information for the following category to verify your identity”. In the form given below the message, you are told to enter your Social Security Number, Mothers Maiden name and Date of Birth. That’s enough information for anyone to hijack and fake your identity!
“This can easily trick people as the pop-up appears after you key in the legitimate and highly secure website address of American Express,” says Govind Rammurthy, CEO, MicroWorld Technologies. “On 11th of April, we had informed the world about Win32.Qhost.v, a Trojan clicker or DNS Re-router that redirects browsers to unwanted or malicious websites. This one is pretty much on the same line, the difference being it comes as a pop-up box.”
There are many breeds of malware that can directly and indirectly perform acts of identity theft and information robbery on unsuspecting users. While keyloggers capture everything that you type in, Trojans and Backdoors can let a remote attacker manipulate your machine! Many adwares and spywares that pretend to be nice utilities can be surreptitiously monitoring your moves on the computer, day in and day out.