Post-transaction attack diverts bank calls

Imagine the following: attackers infect your computer with a Trojan and gain access to your bank account, then transfer out all the money. Because the operation looks suspicious, the bank calls you to verify it, but you never receive the call because it is diverted to a number controlled by the cyber criminals 🙂

It sounds like something seen only in the movies, but it also happens in real life: Trusteer (a security company) has detected a variant of the Zeus banking Trojan that is carrying out this kind of attack on users in the United States and the United Kingdom.

It all starts with the theft of the bank account. Victims are then asked for personal information, including phone numbers (home, mobile and work) and their account number with their telephone company.

Remember that on an infected computer, attackers can have full control, and many of the things seen on the screen could be false. What Trojans like Zeus do is inject code into the browser to modify bank pages locally and, using social engineering, request the information needed to carry out the attack. It is difficult for victims to detect because they really are on a legitimate page, unaware that their browser has been modified by malware (see example).

Once the attackers have all of the victim's personal information, they configure call diversions with the telephone operator. In this way they deceive the bank into believing that everything is fine, because it ends up confirming the transactions with the criminal. This gives them more time to maintain control of the account and steal money.

Other types of post-transaction attacks

They can also intercept emails and hide fraudulent transactions, and even the actual balance shown in Home Banking, so that the victim does not suspect anything (always locally, because the victim's PC is infected). There are also more aggressive methods, such as saturating the phone with incoming calls so that the bank cannot get through, or performing a DDoS on the entity to camouflage the operations carried out.

Undoubtedly these are complex attacks that not everyone carries out, but they exist, including variants in Spanish, so do not think that you are safe from something like this. It is not for nothing that some people use a Live-CD over a secure connection to access their online banking 🙂

See also: Banking Trojan that infects victims' PCs and mobile phones.