Hackers about hacking techniques in our IT Security Magazine

SpyEye banking Trojan uses SMS hijacking feature

SpyEye has been observed trying to trick users into reassigning their cellphone numbers to receive one-time passwords (OTP) from their banks by SMS. The social engineering scam (assuming SpyEye has already infected the target PC) is found on fraudulent pages injected into a users online banking session that falsely claim they have been assigned a OTP.

The fraudsters can then receive all future SMS verification codes for the hijacked bank account via the mobile network. A fraudster can then use the OTP to redirect/transfer funds from a customers bank account.

0 Responses on SpyEye banking Trojan uses SMS hijacking feature"

Leave a Message

Your email address will not be published.