Information Security Professionals Detect Trojan in Credit Score Checking Application
Recently, security researchers at Trend Micro identified a malicious credit score application in a public forum.
Usually, credit scores are developed by credit bureaus and are used by banks, financial institutions to accept or reject a credit application by a customer. They are also used to determine the credit limit on a credit card. The scores are based on past payment history, defaults and delinquencies, length of credit history, and types of credit availed by customers. The scores are also used by telecom companies and employers. As such, credit scores generate curiosity among the users. Criminals cash on the curiosity to deceive users and steal privileged information. Several other malicious applications are created to trick users to believe the proposition and share confidential information. As Internet users recognize old techniques of lottery, prize offers and phishing e-mails, offenders are devising new sophisticated mechanisms to defraud users. Attacks such as spear phishing are now more specific, making it difficult for users to doubt their authenticity. Such threats compromise information security of the affected individuals.
In the recent times, there has been an onslaught of financial malware such as Zeus, Bugat and their variants. The malware are designed to extract specific information such as online banking username and passwords from the targeted computers. Employees of banks and financial institutions are the usual targets of financial malware. Banks and financial institutions must create security awareness among the employees and use ethical hacking to weed out vulnerabilities in the IT infrastructure.
Users must be wary of opening unsolicited e-mails, applications, files and PDF attachments. They must avoid clicking on suspicious links on websites and e-mails. Information security professionals suggest users to install and update anti-virus, anti-spyware and anti-malware solutions. They must regularly scan the computers for viruses and Trojans. Adherence to security advisories from software vendors and security firms may help Internet users in securing their computers from sophisticated threats.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted security conferences.
Tag Words: information security, security, credit score, trojan, malware, financial malware, trend micro, anti virus, anti spyware, anti malware