50 banks were phased in pharming-type fraud

In the past 4 days, customers of at least 50 financial institutions in the US, Europe and Asia - Pacific have been exploited personal information by hackers with a special phishing trick.

Hacker builds its own website that is identical to the bank's website they intend to attack. After the user is tricked into accessing that page, the malicious code exploits a serious Windows error (released last year by Microsoft, a fix).

The unpatched computer system will automatically download a Trojan named iexplorer.exe and 5 other files from a server located in Russia. These websites also display an error message and ask users to turn off antivirus and firewall software.

The above procedure is called a pharming attack. As well as phishing online fraud, hackers first create fake websites to entice users to disclose personal information. But with phishing, victims need to click on the link in the e-mail to access the fake site, and the type of pharming directs them to malicious websites even if they type in the correct bank address in the browser. This is because hackers have changed the Internet service provider's address information through software errors on ISP servers.

Henry Gonzalez, an analyst at Websense (USA), said that fake websites, originating from Germany, Estonia and the UK, were disabled by ISPs yesterday. However, they have not been able to determine how many people have become victims in this attack.