Researchers from email security vendor AppRiver warn about a phishing campaign that targets merchant accounts from a payment processing vendor called First Data.
It the pool of targeting online banking accounts, credit card information, personal details and other online accounts, scams aiming at merchants are not very common.The rogue detected by ApprRiver bear a subject of "MERCHANT ACCOUNT UPDATE" and purport to come from "FIRSTDATA SERVICES."
The message contained within reads "Dear First Data customer, please update your login. Download the attachment in this e-mail and proceed."
The attachment is an HTML document called "Update Your Account Information.html," which, when opened inside the , displays a spoofed First Data Global Gateway login page.
The page contains a form for inputting the merchant's store number, user ID, , phone number and password.
"Once the hacker has gained access to the First Data account they will likely have gained control over that specific merchants account," warnsTroy Gill, security researcher at AppRiver.
The obvious here is that compromised merchant accounts might contain records of customer transactions, however, according to Mr. Gill, this aspect of the breach remains unclear.
First Data is an Atlanta-based provider of online and on-site payment solutions which caters to merchants, financial institutions and .
Its product portfolio includes and debit card processing, check acceptance and cashing solutions, international payment processing, automated clearing house payments processing and PCI compliance.
The company explains on its site that "the Global Gateway Virtual Terminal is an online payment application that allows you to accept credit cards and other payment types using your PC.
"The Virtual Terminal also acts as your Global Gateway account management application and allows you to view gateway processing reports, edit fraud settings, manage users, and more."