In the latest outing for the infamous Zeus Trojan, cybercrooks have begun placing bogus banner ads offering investment opportunities on Web sites belonging to some of the world's biggest companies, including Citibank.
In a move spotted by security outfit Trusteer, professional looking ads have begun appearing over the sites of companies such as AOL, Amazon, Apple, CNN, Citibank and Forbes trying to lure victims to a fraudulent site called ursinvestment.com.
In one attack against Forbes.com, the crooks inject a very compelling overview of the fictitious URS Investment Fund, offering wealthy individuals the opportunity to achieve extremely high rates of return through a "prestigious" investment program, says Trusteer's Amit Klein in a blog.
The criminals have taken the scam a step further in a similar attack against the Yahoo Finance pages, claiming that URS has established a partnership with company.
Victims who click on the ads are taken to the fake Web site and asked to enter login and password details before being prompted to upload funds though a bank wire transfer or using Western Union before being asked to choose an investment programme.
Says Klein: "This new attack is noteworthy for the level of sophistication and depth and breadth of content that the criminals have developed to make the scam appear legitimate and believable. Unlike many Zeus attacks, this is less about the attack code and all about selling the fraud scheme."