Symantec Blogs: Security Response

Masaki Suenaga | December 5th, 2007

There have been many viruses discovered that have the direct purpose of stealing online bank account and password information. It has been determined that a good majority of these have originated in Brazil, and in these cases the viruses are known to be part of the Infostealer.Bancos family. They run without any user interface and attempt to capture all of the user information that is being sent to a target bank's Web page. In some cases there are variants that show fake login dialog boxes, almost all of which are JPEG image files stored in the virus. The important thing to remember here is that the people serving up these viruses are thieves and have to hide.

In contrast, a fraud does not need to hide. The fraud interacts with his or her victim without hiding. Recently we received an .exe file from a customer in Brazil. When the .exe is run, it shows a visible message box with the title "Patch 2.25 - Correcao de Falhas." It claims to be a patch for a particular "fault"...