At Electronbox over the last few weeks we have seen an increase in infected PCs and Laptops, and heard of a few lucky escapes from several of our clients who have narrowly avoided being scammed out of money, though some have “given up” some personal data.
From phone calls from someone reportedly from Windows Support (they are not), to “your PC has been locked” messages from both the UK Metropolitan Police and a similar one from the Guardia Civil in Spanish, and remotely sent emails with various “Wow” or “Urgent” in the mail title to this new variant of an attack on Facebook users.
This is an old threat called Trojan.CarBerp but with a few more teeth this time. It works by initially sending you to fake web page, it looks very genuine but actually it is not on Facebook at all. The message on screen tells you your account has been temporarily blocked. It then asks the user to fill in information on the web form for their first and last names, it also requires the email address and your date-of-birth, it also wants to verify the account password as well. To confirm all this information it requires the user to purchase a Ukash voucher for 20 Euro and then states that the money will be “added to the userís main Facebook account balance once the voucher is received”, and it suggest that only then will the account be unlocked.
On the face of it the information requested appears reasonable and the monetary request is not extortionate. Sadly the page is a fake and your Facebook account isnít locked and you have given someone all your login information including the password. This is known as a MiTB attack (Man In The Browser) and this one gets you to purchase a cash voucher as well as your login data. Sadly if you do make the Ukash payment as requested you are never going to get it back. The Ukash service is genuine, it is essentially an online form of a cash payment and there is little in the way of traceable data for authorities to go on to track where it goes once you have purchased it. It seems it is spent on any website where it is accepted, or simply sold at a small loss almost a soon as it is collected. Like paper money the transaction leaves no trail, this form of payment known as e-cash is becoming increasingly more popular and is an easy target for clever cyber-criminals. Social Networking sites like Facebook provide easy pickings for some of the smart criminals as there is a large ready supply of users, sadly some not quite so security savvy as others.