A recent report from Don Jackson at SecureWorks (dated March 20 2007) examines a new Trojan and provides some alarming insights on Internet Identity Theft. It is worth reviewing this case carefully to understand how sophisticated modern identity theft schemes have become, and how difficult it can be to investigate and prevent them.What makes this Trojan interesting is that it:
- is installed automatically simply by visiting an infected web site
- is invisible to the user
- is often missed by anti-virus software
- is able to steal identity information even if it is encrypted using https
- efficiently collects large amounts of information and sends it to a “mother ship”
- provides an interface for fraudsters to easily purchase the stolen data
- is been used to collect thousands of login credentials at major banks and government agencies
- has not been shut down
- is only one of many such programs that are now offered as kits
source: http://www.andrewpatrick.ca/essays/modern-internet-identity-theft/
his source: http://www.secureworks.com/research/threats/gozi/?threat=gozi
