Source: Help Net Security
So… how many times you’re going to have to tell people to NEVER give their personal information away on the web before they actually stop doing it?!?
In this article “Trusteer researchers have discovered a new configuration of the Ice IX malware that attacks Facebook users after they have logged in to their account and steals credit card and other personal information.
Trusteer even discovered a marketing video used by the creators of the malware to demonstrate how the web injection works.
This latest attack uses a web injection to present a fake web page in the victim’s browser. The form requests the user provide their cardholder name, credit/debit card number, expiry date, CID and billing address. The attackers claim the information is needed to verify the victim’s identity and provide additional security for their Facebook account.”