HelpSites

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Monday, June 16, 2008

Dutch users Alert! - Beware of fake Tax Forms

Posted on 10:38 AM by Unknown
This is especially a warning for Dutch users (from the Netherlands). There's malware spreading where it changes your startpage to a random dutch site (.nl domain - which is a compromised/hacked site) , presenting you with this:



Full screenshot of the form:



NOTE.. This is NOT from the legitimate belastingdienst.nl site as they DON'T ask you for this info (PINCode etc).
Even though it says it's from belastingsdienst.nl, it's NOT. Only the template from belastingsdienst.nl was used here, not the form itself.
Also note the "Microsoft Certified" and "Comodo Hacker Proof" logo to make it look like a legitimate site.

This piece of malware is especially designed to target Dutch users in order to steal their banking info.

I found this out yesterday while I was helping a user with an infected PC. The PC was severly infected/badly compromised...
There was also a .bat file present, with the command to change the Internet Explorer startpage to a random .nl site with this fake tax form.
I'm still waiting for the samples and more info how this user got infected in the first place.
I guess this infection is spread via MSN, however, I cannot tell for sure yet. The samples and extra info should tell...

So beware when you see similar forms... especially when they ask to enter your PINCode.

Update... More info about the malware itself here:
http://miekiemoes.blogspot.com/2008/06/dutch-users-alert-beware-of-fake-tax_21.html
Email ThisBlogThis!Share to XShare to Facebook
Posted in Compromised, hacks, Malware | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • 3 stubborn PC problems you can fix
    Copy from retired Microsoft at Work website (retired June 30, 2013), Copyright Microsoft.  3 stubborn PC problems you can fix Ever notice h...
  • Reminder for Forum owners
    This post is actually a reminder to my previous blog post http://miekiemoes.blogspot.com/2008/04/forum-owners-take-your-responsability.html ...
  • Forum owners - Take your responsibility!!
    After we had this , with a little update here , I'm still amazed how many website owners don't take responsibility. I was researchin...
  • Email-Worm.Win32.Locksky - new stubborn variant
    I was helping a user the other day where his computer was crippled with malware. We could successfully delete all other files, registry keys...
  • Beware Telenet.be users - Telenet.be phishing scam going around
    First of all - WOW! It has been ages I have blogged here ! I really should start to blog more often again. Work & life has kept me real ...
  • Miekiemoes rules ?? Yeah right...
    This is about the Searchengine Hijack I blogged about a couple of months ago. Files responsible for this hijack are sysaudio.sys or wdmaud...
  • Friendship
    The source of these images is unknown. They were in one of those forwarded emails -- you know, the type your friends are sure you will love...
  • Fake sysaudio.sys causes Searchengine Hijack
    What is this infection about... It actually loads a script, so searchengine results are loaded within a script. For example, when you resear...
  • 10 tips to help improve your wireless network
    Copy from the retired "Microsoft at Home" website (retired 30June2013), copyright Microsoft. 10 tips to help improve your wireless...
  • Joomla! Password Reset/Remind Functionality vulnerability - update asap!
    There was a serious security vulnerability found in the popular CMS-software Joomla! (1.5.x, including 1.5.5). The vulnerability/bug resides...

Categories

  • BlogTools
  • Compromised
  • databases
  • dogs
  • email
  • Exploits
  • Firefox
  • forums
  • Funny
  • hacks
  • Internet Explorer
  • Malware
  • Me
  • Mobile
  • Online Tools
  • Other
  • phish
  • Popups
  • Prevention
  • Rant
  • Recipe
  • Registry
  • Rogue
  • scam
  • Security Products
  • Slow computer
  • Software
  • spam
  • websites
  • Windows
  • Windows Update
  • Windows Vista

Blog Archive

  • ►  2013 (11)
    • ►  June (9)
    • ►  April (1)
    • ►  February (1)
  • ►  2012 (4)
    • ►  December (1)
    • ►  November (1)
    • ►  August (1)
    • ►  January (1)
  • ►  2011 (2)
    • ►  November (2)
  • ►  2010 (3)
    • ►  November (1)
    • ►  October (1)
    • ►  April (1)
  • ►  2009 (13)
    • ►  November (2)
    • ►  July (1)
    • ►  June (1)
    • ►  May (2)
    • ►  March (2)
    • ►  February (2)
    • ►  January (3)
  • ▼  2008 (71)
    • ►  December (1)
    • ►  November (8)
    • ►  October (5)
    • ►  September (5)
    • ►  August (7)
    • ►  July (5)
    • ▼  June (12)
      • Malware Removal - Where to draw the line
      • Dutch users Alert! - Beware of fake Tax forms - ep...
      • How to guide people with fixing their computers
      • Dutch users Alert! - Beware of fake Tax Forms
      • Protect your family and computer with Windows Stea...
      • Top Ten excuses why people don't want to secure th...
      • Increase of malware found on legitimate websites
      • The Neverending Story
      • Virut is back again - sigh
      • Google Alerts - You should try it!
      • Comodo BOClean Detection of Ask
      • Woopra - new real-time Web tracking and analysis a...
    • ►  May (8)
    • ►  April (6)
    • ►  March (5)
    • ►  February (9)
Powered by Blogger.

About Me

Unknown
View my complete profile