Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

SPONSORED BLOG: Spotting a scam

by Dave Michmerhuizen & Luis Chapetti – Security Researchers, Barracuda | July 3, 2012
Bank phishing malware bypasses DNS to trick the Web browser

Indeed, our subsequent tests showed that the fake website was unable to display HTTPS pages. The legitimate BancoFalabella website did reject a fabricated login and password.

The spoofed website accepts anything offered as a login and password because it has no way to check them for validity. Instead, it saves them to use for bank fraud and identity theft. We know something is wrong with this website because after accepting false credentials, a broken webpage is displayed.  Unfortunately, by the time someone using an infected computer sees this broken page it is too late - their credentials have been captured by the malicious server.

In prior tests, this webpage also asked for a  Digipass token.  Digipass is a  secondary authentication device often used by Latin American banks.  Surrendering this token would give phishers everything they need to empty a bank account.

Malware such as this reinforces the need to be careful when using the internet.  Never click on links in emails.  Never, EVER, run programs that unexpectedly ask for permission to run.  Buy a reputable desktop antivirus program which offers behavioral detection technology, and keep it up to date.

For more information on how to protect your network please go to


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.