How Hackers Use Corona Virus to Pretend You; Prevent by Using Total Security
In mid-February 2021, Security specialists had already reported on the immoral phishing practices of hackers who are taking advantage of the population's concern about the coronavirus. And it goes on. specialists exposed a new such attack in the last 24 hours. This time the hackers are mainly targeting Italians with their supposed corona message. The phishing email contains a document that supposedly offers a list of precautionary measures to prevent the infection. In fact, there is a macro hidden in the document that infects the victims of the phishing attack with trick bot malware. In this blog, we will learn how to prevent them by using total security.
According to Security specialists, cybercriminals are surfing the cutting-edge
COVID-19 wave to spread the malware as efficiently as
possible. However, the actual malware mechanisms used to spread the
message (including the spambots, the attached script-infested Word document,
and the JavaScript droppers) are similar or even identical to those used in
Trickbot campaigns for at least six months.
“The cybercriminals behind Trickbot are trying to take advantage of
people's concerns so they can click and open the attachments. While this
malware attack is happening in Italy, we expect similar attacks in other
countries where fear of COVID-19 outbreaks is also high. The best way to
avoid this type of cyber attack is to turn off macros. You should also be
extra careful with clicks on attachments and links and delete emails that
appear suspicious or come from an unknown source, ”said Chester Wisniewski,
Principal Research Scientist at Sophos. "Whenever there is an issue
of public interest like COVID-19 or the Australian bushfires, cybercriminals
see it as an opportunity to manipulate their victims."
Tips to Ward Off Phishing Emails:
- Never be pressured to click on a link in an email. It is important to disregard supposed and unexpected advice. If you really need advice on the coronavirus, doing your own research with the known authorities and institutions is the right way to go.
- Never let the name of the sender influence you. This new phishing attack supposedly comes from the “World Health Organization”. However, the sender can enter any name in the “From:” field.
- Watch out for spelling and grammatical errors. Not all crooks make mistakes, but many do. Take the time to check the news for any tell-tale signs of fraud. Often the attackers are not really able to speak the language.
- Check the URL before clicking on a link. If the link to the website looks strange, don't click it.
- Never provide any information that you are asked for on a website. There is no reason a website should ask for health awareness or an email address, let alone a password.
- If you have accidentally given a password to a fraudster, it must be changed immediately on the correct website. The scammers who operate phishing websites usually try stolen passwords immediately and often automatically. The sooner you react, the more likely it is that you will forestall cybercriminals.
- Never use the same password on more than one website. Once scammers have a password, they will test it on every website that one could have an account on.
- Use two-factor authentication (2FA). The six-digit codes that are received on the mobile phone or generated via an app represent a small further step for the user. But they are a big barrier for fraudsters.
- Companies should train their employees. Tools like Protegent Total Security simulates the tricks of phishing crooks company-wide but in a secure environment. Protegent also offers a free antivirus toolkit that includes posters, examples of phishing emails, and other tips for tracking down phishing emails.

No comments:
Post a Comment