Scam Alert: New Zeus Fraud

Facebook may be infected with a new Zeus-based virus.

Facebook does let users block applications, which can be important for security, but there are other areas where it is left open to attacks and privacy issues. One new attack looks to hit users of Facebook, Gmail, Hotmail and Yahoo where it hurts – right in the pocket book. The Zeus malware is looking to go after debit cards, according to Trusteer.

“We’ve recently discovered a series of attacks being carried out by a P2P variant of the Zeus platform against some of the internet’s leading online services and websites,” Trusteer said in a blog post, adding that the malware comes from an ad purporting to offer rebates and new security measures to users who click on it. “The scams exploit the trust relationship between users and these well-known service providers, as well as the Visa and MasterCard brands, to steal users’ debit card data.”

Trusteer said that in the first attack against Facebook, users saw an ad for a 20 percent cash back offer by linking their Visa or MasterCard to their Facebook account. The scam claimed that when users registered their card information, they would earn cash back when purchasing “Facebook points.” Sound legit? Nope. No such thing as Facebook points exist! Beyond this, no one should ever trust putting their credit or debit card information onto a social networking website.

“This attack is a clever example of how fraudsters are using trusted brands – social network/email service providers and debit card providers – to get victims to put down their guard and surrender their debit card information,” Trusteer said in the blog post about the attack. The company said these are well-crafted attacks and are difficult to spot as fraud, so users need to be extremely careful when clicking on Facebook and Gmail prompts that seem like they could be too good to be true.

Whether the attacks are on Yahoo, Facebook or Google, InformationWeek said they are all variants of the Zeus virus. This is a virus that looks to get into your bank account. Computers infected by the Zeus virus can also become “zombie PCs,” which is about as scary as it sounds. These zombie machines may become part of a much larger network of botnets and look to attack users across the world, thereby making them part of the botnet. InformationWeek said that although there have been multiple attempts to take down the crooks using Zeus, there are many still very active out in the wild west (or in layman’s terms, the internet).

Avoiding malware on Facebook has become a necessity for users of the world’s most popular social media website, so SparkyHub provided some common sense tips for how to avoid this danger. Think before you act, the website advised, avoid links and videos with very catchy phrases or words, and always avoid messages that have been posted by multiple users.

“[The] virus spreads among your friends who were not so cautious,” the website said. “If a link with title such as ‘Sexiest video ever’ shows up all over your feed from all kinds of people (perhaps friends you would not expect to make such a post), this is another warning sign. Similar direct messages are a likely variant of the notorious Facebook Koobface virus which has used this approach in the past.”

How do you try to stay safe on Facebook? Do you try to manage a layered security approach? Have you ever had to restart and restore your computer due to a nasty Facebook virus?

Scott Cornell

When he’s not knee deep in blogging and all things tech, Scott spends his free time playing ultimate Frisbee and watching foreign films. An expert in emerging tech trends, Scott always has his ear to ground for breaking news related to IT security.