Feeds

Phishers target frequent flyer schemes in Brazil

Phly-phishing phreebooters pillage air miles

Protecting against web application threats using SSL

Phishing fraudsters have latched on to a new target, with attacks designed to gain compromised access to frequent flyer accounts.

The well-established class of scam, which normally involves attempts to trick victims into handing over online banking login credentials to a bogus site, often as part of a supposed security check, has now been turned towards customers of Brazilian airline companies.

Bogus messages promise more points or a supposed prize but actually only offer a chance for crooks to capture login details. Access to compromised accounts is then traded as a currency on the digital underground. For example, one crook offered to rent access to a botnet for either $60 or 60,000 air miles. In other cases, air miles are offered in exchange for stolen credit card details.

Ultimately tickets are issued on a no-questions basis to people in on the scam, who are likely to be using a fake ID to travel.

Brazilian phishers running the scam have registered multiple domains that resemble those of airline firms. Some of the attacks rely on a first wave of Trojan infections that makes sure that surfers using compromised machines are redirected to bogus domains, net security firm Kaspersky Lab warns.

Local victims are beginning to come forward, complaining that their accounts have been plundered in order to issue tickets to unknown parties. One victim claims to have lost air miles valued at $7,600, a figure that seems rather high.

Phishing scams are most commonly targeted against PayPal, online banking accounts, or (less frequently) e-commerce website accounts. Attacks against air miles programmes are a much more recent innovation, with one of the first attacks of its kind appearing last month, targeted against the loyalty programme of a German airline. The scam used a variant of the SpyEye banking Trojan.

Kaspersky Lab analyst Fabio Assolini said the Brazilian attacks are technically similar but more highly evolved because they have led to the creation of a new currency in the local underground economy. A full write up of the scam can be found in a blog post by Assolini here. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.