Researchers have discovered a version of the Zeus financial malware which prevents banks from notifying users of suspicious activity in their accounts.
The malware, known as Ice IX, ensures phone calls from financial institutions to alert customers of potential thefts are directed to other numbers.
According to security firm Trusteer, the Ice IX malware tricks users into handing over their phone numbers and carrier account details, then uses this information to change account settings and redirect contact information to numbers controlled by attackers.
Much like its predecessor Zeus, Ice IX uses a "man in the browser" technique to install itself on the victim's system and tamper with web pages.
While Zeus has been known to harvest bank data and user details, Ice IX takes the attack a step further by asking the user to enter phone contact information.
The attack page, which poses as an update from the bank's anti-fraud system, asks users to select from a list of US and UK carriers and then enter both their phone numbers and carrier account numbers.
"Fraudsters are increasingly turning to these post-transaction attack methods to hide fraudulent activity from the victim and block email and phone communication from the bank," Trusteer chief technology officer Amit Klein explained in a blog post.
"This allows attackers to circumvent security mechanisms that look for anomalies once transactions have already been executed by the user."
Zeus and its variants have long been known for innovative attack methods and tricks to defraud users. The malware has made heavy use of social networking platforms such as Facebook to spread.
In April of 2011, development in new variants exploded as the Zeus source-code was released to the public.
US startups plan to modify existing jet engines, but are likely to fall foul of environmental legislation
The Brexit white paper "gets pretty close" to company desires, but there's still work to do
Children as young as four to be taught about the dangers of social media
Bans already issued to hundreds of players who used offensive language