Password-stealing Zeus Trojan Spreading Via Spammed Emails
The mighty Zeus Trojan is a specifically designed to steal the banking details of its victims by logging their keystrokes. Once this Trojan is inside a system it is never easy to get it out, even if you gear your PC up with an antivirus program. This is why cyber-criminals are so determined to spread it around and infect as many computers as possible.
The Zeus Trojan is mainly distributed via malicious websites and unsolicited e-mails. The latest scam used to spread Zeus involves fake LinkedIn e-mails. The e-mails are apparently invitation reminders from communication@linkedin.com. In order for a person to accept the invite they have to click on the provided link which is actually a dangerous trap.
Once the link is clicked on, the user will be redirected to a webpage which will display the message “Please waiting …. 4 seconds”. While this message is being displayed malicious activities are taking place in the background which the user is completely unaware of. The seemingly innocent webpage actually contains harmful JavaScript which is hidden in an iFrame that can detect which browser a victim is using as well as which applications are running.
The JavaScript will search the system for vulnerabilities or out dated software it can exploit in order to drop Zeus onto the system. Once Zeus is dropped you can only expect the worst; confidential information such as online banking details, passwords and credit card numbers will all be captured as soon as a user types the data into a webpage.
When it comes to the Zeus Trojan, it’s a case of prevention is better than cure. Avoid becoming the next victim of Zeus by keeping your computer software up-to-date, more especially if it is Adobe Reader, Flash or Java. Additionally practice extreme caution when clicking on links in unsolicited e-mails even if it appears to come from a legitimate source. Rather type out the URL yourself or go to the home page of the website.
Popularity: 19%
