Facebook malware tricks users with charity donation requests

Malware

by Tineka Smith| 23 July 2012

Security firm, Trusteer, reveals that cyber criminals are collecting credit card data from Facebook users by posing as children charities.

The cybercriminals use a Citadel Trojan that displays pop-ups encouraging users to donate money to children in need of humanitarian aid.

In order to donate money, Facebook users are asked to fill in their credit card details. This particular malware is able to attack unsuspecting users based on their country and language settings.

The malware allows users to see the fake charity donation requests in five different languages which include English, Italian, Spanish, German and Dutch.

Citadel Facebook scam

Trusteer notes that the criminals do not use the same text for each language and have customised each attack to fit a user's country or region.

In the English version of the attack, scammers ask users to make a $1 donation for impoverished Haitian children. The scammers then ask for users to fill out a form detailing their name, card number, expiration date, CVV and even their security password.

In the Dutch version of the attack the cyber criminals have even pretended to be part of the internationally- known charity, Save the Children.

Citadel Facebook malware

Amit Klein, CTO of Trusteer says the method used by the scammers is well designed.

This attack illustrates the continuing customization of financial malware and harvesting of credit card data from the global base of Facebook users", says Klein. "Using children's charities as a scam makes this attack believable and effective. Meanwhile, the one dollar donation amount is low enough that virtually anyone can contribute if they choose. This is a well-designed method for stealing credit and debit card data on a massive scale."

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

745 people like this.
0 people follow this.

Malware Intelligence

Suppliers Directory

  • Webroot - Security Solutions

    Webroot provides industry leading security solutions for consumers, enterprises and small and medium businesses worldwide.

  • Neverfail Overview

    The Neverfail Group is dedicated to creating a world where business applications are continuously available. High Availability, Disaster Recovery...

  • Capscan

    Capscan is a leading supplier of international address management solutions and data integrity services. Capscan has more than 1800 customers...

  • Teneo - Infrastructure Management, Performance and Virtualization Services

    Teneo is an infrastructure optimization company, providing solutions that help customers with the management, performance and virtualization of...


See more
Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.