What's disturbing about a new hack of banking accounts -- mostly commercial and business accounts -- isn't its ability to drain the accounts dry; it's that it uses information you willingly supply as it chats with you, according to Trusteer.
Trusteer, a firm focused on enterprise and consumer desktop security, describes how, in working with a financial institution, it revealed a new type of malware that uses live chat to commit the fraud. It's an act Trusteer calls "speaking with the devil." Trusteer explains that the attack uses a malware platform called Shylock that freezes a banking session when the user logs on, alerting them that "security checks" are underway. Here's what happens next:
The following message is displayed in the victim’s browser:
The system couldn't identify your PC
You will be contacted by a representative of bank to confirm your personality.
Please pass the process of additional verification otherwise your account will be locked.
Sorry for any inconvenience, we are carrying about security of our clients.
It gets even stranger in the next step, when the hacker begins live chatting with the victim, posing as a bank representative, to glean more personal information. Trusteer reports that the fraud could happen simultaneously with the live chat, "enticing the victim to sign/verify fraudulent transactions that Shylock is initiating in the background."
Trusteer calls this "yet another example of the ingenuity of fraudsters" using applications that trusted providers have instituted to help customers.