Scams use striptease to break Web traps

midway40 · Nov 1, 2007

Scams use striptease to break Web traps

SAN JOSE - In a new online striptease, the buxom, beautiful blonde who promises to remove her slinky scraps of lingerie doesn't want your money. She's interested in your brain. Really.

The creation of online scammers, she's trying to trick unsuspecting Internet users into helping the scammers break the online barriers that banks and e-mail services set up to thwart crooks.
Click to expand...

More here

Symantec identifies it as Trojan.Captchar.A

LoneWolf · Nov 1, 2007

More here
Click to expand...

Brings me to a page to sign in.

Another link ?

midway40 · Nov 1, 2007

It goes directly to the page here without any signing in.

Here is the full story:

Scams use striptease to break Web traps
Associated Press
Article Launched: 10/31/2007 04:57:15 PM PDT

SAN JOSE - In a new online striptease, the buxom, beautiful blonde who promises to remove her slinky scraps of lingerie doesn't want your money. She's interested in your brain. Really.

The creation of online scammers, she's trying to trick unsuspecting Internet users into helping the scammers break the online barriers that banks and e-mail services set up to thwart crooks.

The striptease is the latest attempt to defeat so-called CAPTCHA systems, which is short for Completely Automated Public Turing test to tell Computers and Humans Apart. Those safeguards require users to prove they are human by reading wavy, oddly shaped jumbles of letters and numbers that appear in an image and typing them out.

In the new scam, an icon of an alluring woman suddenly appears on a Windows computer infected by a virus. After clicking on the icon, the user sees a photo of an attractive woman who vows to take off an article of clothing each time the jumble of figures next to her is entered.

But the woman never fully undresses, and after several passwords are entered the program restarts, possibly enticing unsuspecting users into trying again.

Trend Micro researchers say the scam appears to be isolated for now to spammers trying to register bogus e-mail addresses and flood chat rooms with unwanted pitches. But they worry schemes to infiltrate financial institutions could soon appear.

Paul Ferguson, network architect at Trend Micro, speculated that spammers might be using the results to write a program to automatically bypass CAPTCHA systems.

"I have to hand it to them," Ferguson said, laughing. "The social engineering aspect here is pretty clever."
Click to expand...

They show what it looks like in the Technical Details in the Symantec link (of course the woman is blurred, lol)

19monty64 · Nov 1, 2007

I got a pic for prank-purposes, not the actual dLo. Pops up in screensaver just to scare the family for Halloween.

Eh_Greg · Nov 1, 2007

LoneWolf said:

Brings me to a page to sign in.

Another link ?
Click to expand...

Yep

The pic alone should tell you something fishy is going on. LOL !

steve161 · Nov 1, 2007

No amount of security software is going to save people not immediately suspicious of this icon unexpectedly appearing on their screen. I'm safe though, because most of the time I screw-up the CAPTCHA login.

Rmus · Nov 1, 2007

Scams use striptease to break Web traps
Associated Press
Click to expand...

That article omitted an important point:

The program comes to life when the Internet Explorer browser is used on infected machines.
Click to expand...

http://news.bbc.co.uk/1/hi/technology/7067962.stm

The Symantec bulletin elaborates:

When the Trojan is executed, it starts a hidden instance of IEXPLORE.EXE and injects itself into the newly created process.
Click to expand...

---
rich

19monty64 · Nov 2, 2007

benny bronx said:

I'm safe though, because most of the time I screw-up the CAPTCHA login.
Click to expand...

Good, I'm not the only one!!! We could sure mess up their database with misinformation...

Log in or Sign up

Scams use striptease to break Web traps

midway40 Registered Member

LoneWolf Registered Member

midway40 Registered Member

19monty64 Registered Member

Attached Files:

Captcha.gif

Eh_Greg Registered Member

steve161 Registered Member

Rmus Exploit Analyst

19monty64 Registered Member

Log in or Sign up

Scams use striptease to break Web traps

midway40 Registered Member

LoneWolf Registered Member

midway40 Registered Member

19monty64 Registered Member

Attached Files:

Captcha.gif

Eh_Greg Registered Member

steve161 Registered Member

Rmus Exploit Analyst

19monty64 Registered Member

Useful Searches