New virus can steal credit card info saved in your browser - here's how to spot it

Monday, 21st May 2018, 4:47 pm
Updated Monday, 21st May 2018, 5:23 pm

A new computer virus which has the capability to steal credit card information is targeting users of popular browsers and programs, such as Microsoft Word.

According to Proofpoint, an American cybersecurity company based in California, the Vega Stealer malware system is capable of thieving passwords and credit card details saved to browsers such as Google Chrome and Firefox.

Though the Vega Stealer virus is currently only targeting the marketing, advertising, public relations and manufacturing industries, Proofpoint have suggested that the virus "may grow to be a commonly observed threat."

Targeting corporate emails

Sign up to our daily newsletter

The i newsletter cut through the noise

Vega Stealer was first noticed by Proofpoint earlier this month when they observed a low-volume email scam targeting corporate businesses.

The emails were titled with subjects such as "online store developer required" and sent to shared distribution lists such as: "info@', 'clientservice@', and 'publicaffairs@'.

The Malware is targeting companies via email (Photo: Shutterstock)

The messages contained a malicious attachment called 'brief.doc' which downloads the Vega Stealer payload, according to the cyber security firm.

The virus is then capable of stealing credit card details and company passwords.

Though the malware is relatively primitive in sophistication, its flexibility means that it could become a greater threat to internet users in the future.

How to spot email malware

There are several steps you can take to avoid falling foul of a malware email.

First of all study the email address of a sender whenever opening an unfamiliar email - scammers may try and impersonate a member of an organisation, but their email address will typically provide subtle tells that they are a fraud. For instance if an email comes through from someone who works for the UK government their email address will end in gov.uk, whereas a scammer may use an email that ends in gov.co.uk.

Emails which encourage you to open an attachment or follow a link should always be treated with suspicion.

Unsurprisingly emails attached with suspicious and unsolicited attachments may be an example of email malware.

Greetings should also be studied by those wanting to avoid malware. Some examples of malware may include your username in an email subject, while others will offer you a generic greeting, such as 'Dear Customer'. Email users should also study the list of email recipients - if these are undisclosed the email may be and example of malware.

Finally if an email is absent of logos and images, containing only plain text, users should treat the email with suspicion.