American Express Alerts Against Phising Pop-ups

by CXOtoday Staff    May 10, 2006

American Express has alerted its customers about a pop-up message that appears while you try to access the actual website of the credit card firm.

A trojan causes this popup and it appears only on infected computers. The Pop-up box appears with a message that reads, “We are currently performing regular maintenance of our security measures. Please fill in the correct information for the following category to verify your identity.” The form given below the message asks to enter Social Security Number, Mothers Maiden name and Date of Birth. This information is enough for the phishers to hijack and fake one’s identity.

Hackers or phishers are using a new bait to steal sensitive information from Internet users - keyloggers. Hackers use account information such as passwords, PINs and other confidential data to impersonate victims, and can then run up charges.

Experts at MicroWorld Technologies were of the opinion that this sophisticated trick could fool even the computer savvy.

Govind Rammurthy, CEO, MicroWorld Technologies said, “This can easily trick people as the pop-up appears after you key in the legitimate and highly secure website address of American Express. On 11th of April, we had informed the world about Win32.Qhost.v, a Trojan clicker or DNS Re-router that redirects browsers to unwanted or malicious websites. This one is pretty much on the same line, the difference being it comes as a pop-up box.”