The cyber criminals are using a
piece of malware called Trickbot to harvest this information. Trickbot
originally started out collecting banking information, but has been expanded to
keylogging, ransomware, and other functions.
The Microsoft Security
Intelligence team has warned that it has seen hundreds of emails purporting to
be related to COVID-19 medical advice and testing. The emails contained
attachments that had the ability to install Trickbot onto a computer. Other reports
said that the emails claimed to be from volunteer and humanitarian groups
offering COVID-19 testing or more information about the virus by downloading an
attached document.
Other phishing strategies have
included sending a text message that says, “Your phone has been monitored as
being near a phone of someone who have been diagnosed with COVID-19.” The text
invites you to click a link to get more information.
Here is a picture of a phishing email
intercepted by Microsoft:
Cyber security professionals as
well as government agencies such as the Federal Trade Commission and the FBI
warn that organizations such as the World Health Organization and the Centers
for Disease Control do not send unsolicited emails to the average citizen.
Also, cyber security professionals
are especially concerned about employees working from home using the internet.
They do not want company secrets to be compromised nor do they want employees’
personal information stolen by cyber criminals. They recommend,
·
Use multifactor identification whenever
possible.
·
Do not use devices with access to your business
network for personal use.
KIRO TV:
https://www.kiro7.com/news/local/microsoft-hackers-targeting-people-working-home/OQPVIRG66JF5LA4EGUIXYQ6BGE/
Microsoft:
https://twitter.com/Microsoft/status/1248713417655037955
ZDNet:
https://www.zdnet.com/article/trickbot-malware-is-using-these-unique-macro-laced-document-attachments-with-a-coronavirus-theme/
Malwarebytes Labs:
https://blog.malwarebytes.com/detections/trojan-trickbot/
No comments:
Post a Comment