SHARETIPSINFO >> Article Home >> Hackers target American Express site [ TUESDAY, MAY 02, 2006 12:56:30 PM]

Phisers are at it again. And this time at the receiving end seems to be the financial major American Express. The company's credit card and travel services division has issued a warning about what it calls a false "security measures" pop-up screen that appears when users log in to its secure site.

In an alert posted online, the New York-based company included a screenshot of the pop-up, which tries to lure the user into entering name, social security number, mother's maiden name and date of birth.

"Please note that this fraudulent activity may be the result of a computer virus and is not a part of the American Express website. If you received this pop-up box, your computer may have this virus," the company warned.

The threat from sophisticated banking Trojans isn't exactly new. Earlier this year, researchers at Websense Security Labs discovered a password-stealing Trojan that used sophisticated DNS (Domain Name System) redirection techniques to dodge server shutdowns and hijack online banking data.

The threat to financial institutions from Phishers and identity thieves is not new. In a similar attack earlier this year, users of more than 100 financial institutions in the United States and Europe, including Bank of America, HSBC, Barclays Bank and Lloyds TSB, were targeted. The password-stealing Trojan was programmed to modify the contents of host files on infected machines to serve up fake banking sites that move from server to server to avoid shutdowns.

The Trojan, which used Domain Name System redirection techniques to dodge server shutdowns and hijack online data, was discovered by the researchers at Websense Security Labs.

Click here for Indian stock market tips