Plus, two massive ransomware attacks hit Spain, the healthcare industry leads the pack in data breaches, and phishing scams are abusing Google Analytics
A phishing campaign targeting UK employees in the retail and insurance industries is sending out emails claiming to come from the Ministry of Justice. ZDNet reported that the emails have the subject line “Court,” while the body of the message implies that the user has been summoned with a subpoena to testify. To get details, the user is prompted to click a link that takes the user to a Word document hosted on Microsoft One drive. The user is then prompted to “enable macros,” which allows the code programmed into the document to download onto the user’s system. It downloads a malware called Predator the Thief, which is used to steal login credentials, browser data, and cryptocurrency stored in digital wallets, as well as to take photos with the computer’s webcam. When Predator the Thief finishes plundering the system and sending all its information back to its command-and-control center, the malware self-destructs, erasing all traces of itself.
UK users might see through the phony message because, despite using the official Ministry of Justice logos, the campaign leans heavily on the word “subpoena” which has not been a term in the UK court system since 1999, when the official phrasing was changed to “witness summons.” In regards to macros, Avast Security Evangelist Luis Corrons recommends that users in general avoid enabling them. “They can be useful tools,” Corrons said, “but macros are severely abused by cybercriminals on a regular basis. Average home users never have to us ..
Support the originator by clicking the read the rest link below.
