The new scam asks unwary users to “link” their credit card information with either Facebook or Google, supposedly transforming these accounts into digital wallets.
A new variant of the notorious Zeus malware can manipulate the way the bank reports account balances so victims are unaware that money has been moved out of the account, Bitdefender added.
Whenever users open Facebook or Gmail on an infected PC, they are presented with the genuine service login page, but in the background Zeus injects its code into the login form so that the form also requests credit card information.
The attack is totally convincing because the browser shows the URL of the real login service. It also offers a plausible explanation for why the user is being asked to enter credit card information:
Facebook users are told they can buy Facebook credits directly after they link the credit card to the account, while Gmail users are told they can use Gmail as a “digital wallet” and pay by simply entering their e-mail address.
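Because the injected fields appear in the form as rendered on the victim's machine, a site can compare the rendered login form against the fields it actually serves. The following is an added example, not code from Bitdefender or from either service; the field names, the allowlist and both sample forms are assumptions constructed for illustration.

```javascript
// Added example: flag login-form fields the genuine page never asks for.
// Field names and both sample forms are constructed for illustration.
const EXPECTED_FIELDS = new Set(["email", "password", "remember_me", "csrf_token"]);

// Signals that a field collects payment-card data.
const CARD_AUTOCOMPLETE = /^cc-/i;         // HTML autocomplete tokens: cc-number, cc-exp, cc-csc
const CARD_WORDS = /card|cvv|cvc|expir/i;  // common naming in card forms

// fields: array of { name, autocomplete, placeholder } descriptors.
// Returns one finding per field that is not on the allowlist.
function auditLoginFields(fields, expected = EXPECTED_FIELDS) {
  const findings = [];
  for (const f of fields) {
    const name = (f.name || "").trim();
    if (expected.has(name)) continue;
    const text = `${name} ${f.placeholder || ""}`;
    const cardLike =
      CARD_AUTOCOMPLETE.test(f.autocomplete || "") || CARD_WORDS.test(text);
    findings.push({ name, severity: cardLike ? "card-data" : "unexpected" });
  }
  return findings;
}

// Browser-side helper: describe the form as rendered, after any injection.
// Unnamed inputs are kept (name "") so they are flagged as well.
function describeForm(form) {
  return Array.from(form.elements)
    .filter((el) => /^(INPUT|SELECT|TEXTAREA)$/.test(el.tagName) && el.type !== "submit")
    .map((el) => ({
      name: el.name || "",
      autocomplete: el.getAttribute("autocomplete") || "",
      placeholder: el.getAttribute("placeholder") || "",
    }));
}

// Constructed sample: the form as served.
const cleanForm = [
  { name: "email", autocomplete: "username" },
  { name: "password", autocomplete: "current-password" },
  { name: "csrf_token" },
];

// Constructed sample: the same form with extra inputs added in the browser.
const injectedForm = cleanForm.concat([
  { name: "card_number", placeholder: "Card number" },
  { name: "x1", autocomplete: "cc-exp" },
  { name: "promo" },
]);
```

In a page, `auditLoginFields(describeForm(form))` would run on submit or from a `MutationObserver`, with findings reported to the server. Code running inside an infected browser can be tampered with by the same malware, so the result is one fraud signal among others rather than a guarantee.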