A novel trick used by malware authors shows how effective social engineering can be to glean personal information off unsuspecting users.
Troj/Kardphis-A displays a fake message suggesting that the victim’s Windows copy might be a pirated one. It urges users to reactivate Windows by providing their credit card details and assures them that nothing will be charged to their card.
If the user declines to reactivate, the system is immediately shutdown, and the same message is displayed again on rebooting.
If the user chooses to proceed with it, a second window is displayed where they are asked to enter their credit number, expiry date for the card, the CVV number and the ATM pin.
Once entered, these are sent to the hacker’s server.