McDonald's Facebook Coupon Delivers Mispadu Banking Malware

Before you click on that great McDonald’s coupon you found on Facebook, be warned that doing so could install your very own banking Trojan attack. The fast food titan is being used in a fake coupon campaign that downloads the financial malware called Mispadu. Besides Facebook, the fake McDonald’s coupons are also being found in targeted email phishing campaigns. Experts claim the financial malware steals online banking and payment card data, among other things. Mispadu is currently targeting users in Brazil and Mexico and will likely make its way to the U.S. in the near future. Although knowing what to look for can save financial heartache from Mispadu, it may not help your hunger pangs. Remember, it all starts with an innocent McDonalds coupon…

The Mispadu banking Trojan begins its journey with a coupon malvertising (malicious advertising) campaign recently found on Facebook and in email phishing campaigns. Users are brought to a fake McDonald’s website to download the coupon. Researchers say that although the coupons had expiration dates for September and October of this year, those dates can easily be changed. Clicking the coupon unleashes a tidal wave of theft, including redirection to a web page that ultimately loads the Mispadu installer. From there, hackers hope your stolen data includes financial information so Mispadu can get to work. Included in the heisted financial data are account numbers, passwords, web browser credentials, and email contact lists. In the wrong hands, this type of sensitive data also leads to highly targeted email phishing attacks that spread Mispadu. The malware can also capture keystrokes, take screen shots, and create mouse and keyboard actions.

The researchers who discovered the banking Trojan say, “We believe this malware family is targeting the general public…its main goals are monetary and credential theft.” In other words, anyone and everyone is a target. So, being ahead of the learning curve about a bogus McDonald’s e-coupon will pay off.

Of the cyber-safe suggestions, the most important to remember is not being click-crazy. Hackers love using social media sites and email phishing to spread malware because it works. Always use a big dose of common sense before clicking, especially knowing malware like Mispadu could be waiting on the other side of that click. Never assume a message or a sender is legitimate, especially for those deals that sound too good to be true. Email phishing also uses similar tactics for bait, including messages creating a sense of concern, fear, surprise, and other emotions. Always avoid getting caught up in the moment of any online message because malware like Mispadu may only be a click away.