RSA has warned of a new and potentially dangerous variant of the Rock Phish scam that targets financial institutions.
According to the security vendor, the new attack specifically targets the business account holders of these financial institutions.
Victims are duped into accepting a fraudulent 'certificate' file, which purports to allow the user to access his/her online banking account. The certificate is in fact a Trojan that allows the cybercriminals to extract information from the infected computer.
Interestingly, the malware also captures usernames and passwords from instant messaging program ICQ, as well as FTP credentials.
“The social engineering infection vector is one that had not previously been used by the Rock group,” RSA said.
Although the exact nature of the Rock Phish entity is disputed, RSA believes it is a gang of cyber criminals. It is estimated to be responsible for more than 50% of all phishing attacks around the globe.