
Archive for April 14th, 2008


Apr14
by JM Hipolito (Technical Communications)

A new phishing attack is leaving users who fancy a 16% discount on credit card purchases with more problems than savings.

Sent as a promotional message from MasterCard’s SecureCode service, the scam email offers customers a 16% discount on purchases made with their credit card, TheRegister reports. It also offers, quite ironically, more security for their online credit card transactions.

Users enticed enough to sign up for the spoofed service are directed to a phishing site upon clicking the link contained in the email message. The site, which is crafted to appear identical to the legitimate MasterCard Web site, then prompts the user to enter their credit card information, supposedly for “verification” purposes. The phisher then acquires any information entered by unknowing users and may use it for possibly illegal purposes.

SecureCode is a legitimate service from MasterCard that aims to give users a more secure way of doing transactions online. More information on this service can be found on the MasterCard Web site.

 
Posted in Security

Apr14
by Arman Capili (Technical Communications)

With the Tibet issue still fresh, China is looking to become more and more controversial, this time in cybercrime, as the database of a prominent British organization was hacked by Chinese spammers over the weekend, TheRegister reports.

IT personnel at the Royal Institute of British Architects (RIBA) discovered that the hackers were able to place a Web address in the members’ database, prompting them to take down access to the said database for some time. Although RIBA assured its more than 40,000 members that no information has been stolen, they advised their members to remain cautious of online financial information that they may have used for transactions with RIBA.

RIBA did not comment on the encryption and other security measures used by their database. The incident has since been reported to the local police, although their involvement may not be helpful at all unless there’s a cybercrime division or a similar unit. Furthermore, since the database breach has already been reported, it remains unclear why RIBA refused to comment on their encryption measures. This action puts them in a bad light, raising serious questions about their system security.

Around 1,200 similar organizations have also been targeted in the US and the UK. This figure shows that data breaches are critical issues that have to be dealt with as an utmost priority. Companies cannot afford to be unconcerned about data security while at the same time declaring that nothing has been stolen. Such complacency may eventually prove to be their undoing.

 
Posted in Security

Apr14
by Macky Cruz (Technical Communications)

Here is yet another case of Patch Tuesday/Exploit Wednesday. While the bounty hunt for software vulnerabilities is still very much an active industry, malware authors have been seen to watch out for (and ultimately prey on) vulnerabilities disclosed by legitimate software vendors. This isn’t as irrational as it looks; malware authors are not looking for massive hits, just the numerous few who do not take enough care to download and install software patches.

A few days after the regular Patch Tuesday last April 8, our researchers were alerted to an exploit-backdoor tandem that specifically takes advantage of the vulnerability discussed in Microsoft Security Bulletin MS08-021 (classified as critical). This vulnerability refers to how the Graphics Device Interface (GDI) available in Windows operating systems treats information. The exploitation of this vulnerability allows an attacker to take full control of a computer system.

A file named TOP.JPG has been found to successfully use this flaw. It was found hosted on sites, and arrives on a system as an executable which is now detected as EXPL_NEVAR.B. Its specific routine connects to a URL to download a file named WORD.GIF (which is also detected by Trend Micro, as BKDR_POISONIV.QI). Backdoors perform silent commands on the compromised computer without the user knowing it.

Users should update applications and operating systems the moment patches are available.

 
Posted in Malware, Vulnerabilities


© Copyright 2008 Trend Micro Inc. All rights reserved. Legal Notice