According to Trusteer CTO Amit Klein, a new version of the Citadel malware targets Facebook users with a fake request for donations to children's charities.
"The security software firm said the aim of the scam is to steal credit card data from charity-minded members of the social networking site," writes IT PRO's Cassie Daum.
"After users have logged into their Facebook account, the Citadel injection mechanism displays a pop up that encourages the victim to donate $1 to children who 'desperately' need humanitarian aid," Klein writes. "Then, it asks users to fill in their credit card details. The malware is configured to deliver the attack based on the user's country/language settings, with web-injection pages in five different languages: English, Italian, Spanish, German and Dutch."
"[Klein] said it was an interesting twist that the criminals did not reuse the same text for every language," writes International Business Times' Matthew Chapman. "Instead, each attack was customised based on the victim's country. 'This attack illustrates the continuing customisation of financial malware and harvesting of credit card data from the global base of Facebook users,' Klein said. 'Using children's charities as a scam makes this attack believable and effective. Meanwhile, the one dollar donation amount is low enough that virtually anyone can contribute if they choose. This is a well-designed method for stealing credit and debit card data on a massive scale.'"