A new Trojan horse attack has been identified in the wild, named Trojan.Kardphisher by Symantec. This Trojan horse uses *very* clever social engineering to steal the credit card numbers from users.

If infected, you will be presented with a very realistic looking warning that your copy of Windows has been activated by another user, and you will be asked to enter personal data including a credit card number, in order to re-activate your Windows license. It tells you that your credit card is basically for identification purposes only and will not be charged. (Rest assured, it will be charged.)

This Trojan takes full control of your computer and renders it unusable. It blocks the Task Manager, so you cannot end it’s process. If you do not enter your credit card number, your computer will shut down immediately.

For more information:

http://www.symantec.com/security_response/writeup.jsp?docid=2007-042705-0108-99&tabid=1
or
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9018645&source=NLT_PM&nlid=8

Posted on Saturday, May 5th, 2007 at 11:51 AM and filed under Email Security, Malware, Scams. You can follow any responses to this post through the RSS 2.0 feed. You can leave a comment, or you may trackback from your own site.