May 6, 2007

We are Microsoft, give us your ATM PIN !!!

Scammers all over are making it harder for common people to identify social engineering tricks... Look at the latest phishing scam associated with a trojan for Windows... According to the Symantec Security Response Weblog:


Recently we came across an interesting Trojan sample, detected by Symantec as Trojan.Kardphisher. The Trojan is not very technical - it's really just another classic social-engineering attack. What makes it interesting is that the author has obviously taken great pains to make it appear legitimate.

How legitimate? Look at the screenshot:

The trojan runs on startup and pretend to be a Windows Activation dialog. Note how it asks for name, address, credit card number, expiry date and even ATM PIN!

So, beware. Windows Activation does not ask for this information. Also it offers the option to activate over the phone. If you are in doubt and the machine has been activated before, run an anti-virus!

Stay tuned.. Wave