Tinba Trojan Targets U.S. Bank Customers With Browser Exploit
This nasty piece of malware sneaks its way onto customer PCs through the Rig Exploit kit, which takes advantage of Flash or Silverlight exploits. Unfortunately for the victim, he or she can fall prey to the Trojan simply by visiting a banking site that's been infected with the Rig Exploit kit.
Don't just walk, but run away from forms like this.
"If the user's system is vulnerable, the exploit executes a malicious code that downloads and executes the malware payload, Tinba Trojan," Avast explains in a blog post. "When the computer is infected and the user tries to log in to one of the targeted banks, webinjects come into effect and the victim is asked to fill out a form with his/her personal data."
It's not unusual for a website to verify a user's identity, so it's easy to see how this particular piece of malware could be effective. Once a victim fills out the fake form, all the personal information -- credit card number, Social Security number, etc. -- gets sent to the attacker.
Be sure to keep your software up to date, and be on the lookout for online forms asking for your personal information.