There is a fresh wave of cyberattacks happening around the globe.
Microsoft detected the latest threats this month. Just like some cyber threats we saw at the beginning of the health crisis, these emails have virus-themed subject lines to lure the victim into clicking the attachment.
This is not ransomware nor phishing. It’s called Malspam.
Malspam is not a new threat — it has been around for years — but it’s a fresh new wave trying to take advantage of individuals in crisis. Here’s the official definition.
Tanmay Ganacharya, Director for Security Research of Microsoft Threat Protection, told ZDNet in an interview earlier this month:
“The main thing that we really wanted to call out, and why it caught our attention, is because of the COVID-19 lures and also [because of] the slightly different techniques we found and the types of attachments they are sending,”
Read the complete article here.
It starts with an email that contains a subject line that reels you in. If you click the attachment, it installs a program called Remcos — a Remote Access Trojan or RAT (not to be confused with Ratt).
Once the installation is complete, it takes over your computer and puts your data at risk.
Want to know more about this threat and the majority of the most common ones? Some great info can be found here.
Three variants of this threat were identified, so keep your eyes wide-open.
The first is a fake email from the U.S. Small Business Administration, regarding federal loans available to you.
Next, a bogus email from the U.S. Center for Disease Control. The third one is a faux email from the American Institute of CPA’s targeting its members.
Hackers home in on our fears and some of our most vulnerable citizens as the news is dominated with those desperate to get updates on financial incentives available from our state and federal government.
The same goes for vaccine alerts and other bogus CDC and WHO emails.
A good rule of thumb: If you are curious about one of these subjects, go to that entity’s legitimate website and search for confirmation there.
Perhaps also a call verification, but (as we all know) that might not be possible this spring and the hackers know that; so, keep all of this in mind when reviewing your email. Serious threats are coming in every day.
This spring, we have seen a new wave of high-tech hacks: Zoombombing, phishing emails, fraudulent texts, scam phone calls — just like I told Greg Tish on 93.3 FM this week — cybercriminals will stop at nothing to get your data and dollars.
They are even taking advantage of neighbors during the most perilous time in our lives.
If you see one of these emails or any of these situations, take a minute to report it to the Florida Department of Law Enforcement. Hunting these criminals may be difficult; it is still possible, so do your part and report any instances of cybercrime to the authorities.
Meanwhile, low-tech hackers are still at it as well. Someone took the time to do a little research and referenced my last name before launching my way this efax hack attempt (screenshot above).
“Crazy Uncle Alan Dowling,” eh?
Looks legit, with 10 million large, just ready to go.
Hackers won’t stop, so stay on the lookout as they will call, fax, email, text, anything they can to catch you off-guard. Be safe out there.
___
Blake Dowling is CEO of Aegis Business Technologies and hosts the Biz & Tech podcast. He is also looking forward to creating the Alan Dowling Foundation with all that cash about to roll in.