Crimeware: Petrobras and Losango

Websense Security Labs has received reports of an email scam which targets customers (and potential customers) of Losango Financial Institution and Petrobras in Brazil. The email, which is spoofed, poses as a message from Petrobras for a new type of credit card that requires an online application.

The email includes a link to a website which is hosted in Brazil and was up and running at the time of this alert. The link poses as an application form in PDF format which must be downloaded and completed. Upon clicking the link, users are redirected to a fraudulent site hosting a Windows executable which installs a Trojan Horse downloader and a key logger. The executable is called petrobras.exe. WebsenseŽ - Security Labs Alert: Crimeware: Petrobras and Losango

Linked by shanmuga Thursday, 29th December 2005 7:22AM