Credit Card Gist

A new Trojan variant, the ZeuS banking Trojan, is being used to attempt to trick users of Visa and MasterCard’s online authentication systems into revealing their card details, according to a report by internet security company Trusteer.

ZeuS works by embedding itself into an infected computer and mimicking the enrollment forms for the Verified by Visa and MasterCard SecureCode security programs. The two programs allow cardholders to create unique passwords, which are then required every time the user shops at a participating e-commerce website. These passwords are entered not on the merchant’s website, but on Visa’s or MasterCard’s website, in a new browser window.

This is exactly what the new Trojan attack is attempting to exploit, warns Trusteer. Once it has infected a computer, ZeuS takes online shoppers to a fake Verified by Visa or MasterCard SecureCode enrollment page and asks them to create an account, providing their Social Security number, card number, card expiration date, CVV2 code, ATM PIN, and creating a password in the process.

“When you log into your bank, it says you have to enroll in Verified by Visa, that it’s regulated now and you have to do it,” explains Mickey Boodaei, Trusteer’s CEO.

(Via BusinessWeek.com)

Learn how to lower your card acceptance cost

Learn how to accept credit and debit cards at the lowest processing costs. The Payment Card Acceptance kit contains a video and an e-book:

• Video – Card Acceptance Best Practices for Lowest Processing Costs (18 min).
• E-Book – Payment Card Acceptance Guide (19 pages).