Trusteer flags up Facebook malware scam

Facebook key

Trusteer has discovered a Citadel malware configuration that targets Facebook users with fake requests for donations to children's charities.

The security software firm said the aim of the scam is to steal credit card data from charity-minded members of the social networking site.

Once Facebook users have logged in, the Citadel injection displays a pop up that asks for a $1 donation to a children's charity. The unsuspecting user is then asked for his or her credit card information.

The malware is effective because it targets users by language. It also poses as legitimate, well-known charities in targeted countries.

The company said the malware has web-injection pages in five languages: English, Italian, Spanish, German and Dutch.

In the English-language version, the malware poses as a charity for impoverished Haitian children.

Meanwhile, the Italian version uses the Red Balloon campaign, which was set up to help fight child mortality in Italy.

"This attack illustrates the continuing customisation of financial malware and harvesting of credit card data from the global base of Facebook users," said Trusteer's chief technology officer, Amit Klein.

"Using children's charities as a scam makes this attack believable and effective. Meanwhile, the one dollar donation amount is low enough that virtually anyone can contribute if they chose. This is a well-designed method for stealing credit and debit card data on a massive scale," he added.