fbpx

Coronavirus used to attack computer users

guy wearing a face mask

As if I'd ever condone being relaxed about opening unexpected email attachments, now there's new examples of criminals taking advantage of the panic caused by Coronavirus COVID-19.  It's being used as a method of spreading malware to a worried population!

Using fear and time-pressure has long been the tactic used by criminals to get people to do what they want.  If you've ever seen text messages relating to tax refunds or fines or have received emails warning you that your account will be locked out if you don't validate your details within days, then you will recognise these tactics.

Now, it seems that criminals are targeting people with "infected" Word documents which claim to give details of how to stay safe in the face of the Coronavirus outbreak.  Of course, with so many people being concerned and heightened interest in the latest information, these methods seem to be working.

A current campaign which targets users with malware called Trickbot, does so through the spreading of Microsoft Word documents loaded with custom code scripts which, when opened, connect to a remote server on the internet and download additional code.
This code then goes on to run programs which result in the malware being installed on your computer.

Trickbot has a number of capabilities, including stealing email addresses, usernames and passwords.  It also targets online banking by intercepting and redirecting an individuals online banking logins.  This is called a Redirection Attack.

What Are Redirection Attacks?

The overall idea behind redirection attacks is to send the infected victim to an entirely new website when they try to browse to their online banking site, never allowing them to reach the bank’s real site. 
By keeping the victim away from the bank’s site, the fraudster can deceive them into divulging critical authentication codes without the bank knowing that the customer’s session has been compromised.

Source: https://securityintelligence.com/dridex-launches-dyre-like-attacks-in-uk-intensifies-focus-on-business-accounts/

So, how can you protect yourself?

  • Be vigilant. That's always a great start.
  • Don't click before you think.
  • Do you know the sender of the message?  If not, just delete it!
  • Have you checked that it comes from a legitimate email address?
  • If an email or attachment is unexpected, consider contacting the sender by phone or text to see if they intended to send it.
  • Does the language they use in the body of their message fit with how they usually talk to you?  Often, after the fact, people think how differently the email was written compared with the senders usual style.
  • Look out for pressuring statements in messages sent to you.  Even if the message says you must take immediate action, you don't actually have to!  Again, contact the sender direct via phone to check. 
  • Disabling macros within Microsoft Office can help, but ideally you'd want to spot the problem before the document is ever opened.
  • Make sure you're running a good quality antivirus product.  Whilst there are many good free options available, you generally can't beat a paid product.  Premium products usually come with additional capabilities which provide advanced levels of protection.  Many are also great value and allow you to protect multiple computers in your home for one fixed price.

If you'd like to learn more contact us for an informal chat.

Leave a Reply

Your email address will not be published. Required fields are marked *