Facebook users Beware! Malware tricks you expose credit cards details

According to Security firm Trusteer, a new piece of malware, variant of the Ice IX malware, is tricking Facebook users into handing over their credit card, debit card, and/or social security numbers.

How the malware performs the trick:

The malware tricks the Facebook users by displaying a separate Web form inside a browser pop-up window, which looks similar to Facebook’s design, when the user navigates to the Facebook’s login webpage. A version of this malware asks the Facebook user for Cardholder name, Credit or debit card number, Expiry date, Card identification number, and Address on your monthly statement.

The resemblance of the page to the Facebook’s login page and the claim made on it, makes the user believe that the information is indeed needed for the verification purposes.

Once the user puts in the asked information, the malware forwards the sensitive information to its authors via instant message, so it can be abused as soon as possible.

Please don’t render your credit card, debit card details, and/or social security numbers, if asked to; unless you are sure of the source. Note that, Facebook will never ask for your credit card number, debit card number, social security number, or any other sensitive information on the site or via e-mail.


No comments