Activate Windows to lose your money

Filed Under: SophosLabs

A novel trick used by malware authors shows how effective social engineering can be to glean personal information off unsuspecting users.

Troj/Kardphis-A displays a fake message suggesting that the victim's Windows copy might be a pirated one. It urges users to reactivate Windows by providing their credit card details and assures them that nothing will be charged to their card.

Kard1

If the user declines to reactivate, the system is immediately shutdown, and the same message is displayed again on rebooting.

If the user chooses to proceed with it, a second window is displayed where they are asked to enter their credit number, expiry date for the card, the CVV number and the ATM pin.

Kard2

Once entered, these are sent to the hacker's server.

You might like