">
TechMoran
  • About Us
  • Deals
  • Jobs
  • Motoring
    • Money
  • Pitch Your Startup
  • Submit Your Post
  • Freelance Gigs
  • Travel
  • Men’s Corner
  • Dating
Monday, January 25, 2021
  • Startups
  • Reviews
  • Insider
    • Obituaries
  • Business
  • Women
  • Blockchain
  • Columnists
  • Hacks & Facts
    • How To
  • Editions
    • US Edition
    • India Edition
    • MENA Edition
    • Asia Edition
    • Europe Edition
    • International Edition
No Result
View All Result
TechMoran
">
Home Tech

Trickbot attackers leverage Coronavirus fears in Italy with targeted spam

Staff Writer by Staff Writer
11 months ago
in Tech
9 min read
0

Related posts

Toshiba

Chrome Now Helps You Change Weak Passwords

January 23, 2021
0

Top 5 Skills That Modern Software Developers Need to Have

January 22, 2021
0

What Software Developers Need to Know About Burnout

January 22, 2021
0

Which is Better, Leasing or Purchasing Farm Equipment?

January 22, 2021
0

In the last 24 hours, SophosLabs has uncovered a new email spam attack targeting Italians with a document containing a macro loaded with Trickbot malware.

The email takes advantage of COVID-19 fears by offering up a clickable document that allegedly includes a list of precautions to take to prevent infection. Unfortunately, the document is weaponized.

According to SophosLabs, the COVID-19 twist to the spam message may be new, but the mechanisms used to deliver it (including the spam “bots” that send the message, the enclosed scripted Word document and the JavaScript dropper) are similar or identical to those used in Trickbot campaigns that have been active for at least six months.

“The cybercriminals behind Trickbot are likely skilled attackers who leverage the concern of the day to scare people into clicking. While this is in Italy now, we would expect a similar attack in other countries where fears of COVID-19 outbreaks are high. The best approach to avoid this type of cyberattack is to turn off macros, be extra cautious about what you click, and delete email that is suspicious or from an unexpected source,” said Chester Wisniewski, principal research scientist, Sophos. “Whenever there is a topic of public interest like COVID-19 or the Australian bush fires, we see cybercriminals try to manipulate our concern into an opportunity. We must stay vigilant and be distrustful of incoming communications during times of crisis and only obtain advice from our public health authorities.”

READ  Blockchain startup Loyyal closes series A round from Dubai investors to build a universal loyalty and rewards platform

For additional tips, please reference Naked Security’s article on other Coronavirus phishing emails and how to stay cybersafe, including:

  • Never let yourself feel pressured into clicking a link in an email. Most importantly, don’t act on advice you didn’t ask for and weren’t expecting. If you are genuinely seeking advice about the coronavirus, do your own research and make your own choice about where to look
  • Don’t be taken in by the sender’s name. This scam says it’s from “World Health Organization”, but the sender can put any name they like in the From: field
  • Look out for spelling and grammatical errors. Not all crooks make mistakes, but many do. Take the extra time to review messages for telltale signs that they’re fraudulent – it’s bad enough to get scammed at all without realizing afterwards that you could have spotted the fraud up front
  • Check the URL before you type it in or click a link. If the website you’re being sent to doesn’t look right, stay clear. Do your own research and make your own choice about where to look
  • Never enter data that a website shouldn’t be asking for. There is no reason for a health awareness web page to ask for your email address, let alone your password. If in doubt, don’t give it out
  • If you realise you just revealed your password to imposters, change it as soon as you can. The crooks who run phishing sites typically try out stolen passwords immediately (this process can often be done automatically), so the sooner you react, the more likely you will beat them to it
  • Never use the same password on more than one site. Once crooks have a password, they will usually try it on every website where you might have an account, to see if they can get lucky
  • Turn on two-factor authentication (2FA) if you can. Those six-digit codes that you receive on your phone or generate via an app are a minor inconvenience to you, but are usually a huge barrier for the crooks, because just knowing your password alone is not enough
  • Educate your users. Products like Sophos Phish Threat can demonstrate the sort of tricks that phishers use, but in safety so that if anyone does fall for it, no real harm is done. Sophos also has a free anti-phishing toolkit which includes posters, examples of phishing emails, top tips to spot a phish, and more
Readers 2,476

Share

  • Click to share on Telegram (Opens in new window)
  • More
  • Click to share on Tumblr (Opens in new window)
  • Click to print (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Pinterest (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Pocket (Opens in new window)

Like this:

Like Loading...

Related

Staff Writer

Staff Writer

Related Posts

Toshiba
Tech

Chrome Now Helps You Change Weak Passwords

January 23, 2021
0
Tech

Top 5 Skills That Modern Software Developers Need to Have

January 22, 2021
0
Tech

What Software Developers Need to Know About Burnout

January 22, 2021
0
Tech

Which is Better, Leasing or Purchasing Farm Equipment?

January 22, 2021
0
Tech

Three Kenyan teams excel at the Huawei ICT Competition Global Finals

January 22, 2021
0
Health

54gene launches a genome sequencing lab to track infectious and non-communicable diseases prevalent in Nigeria

January 22, 2021
0
Tech

Google’s Project Loon, solar-powered internet balloons discontinued

January 22, 2021
0
kplc
Tech

Kenya Power Rolls Out A Smart Metering Project Across The Country

January 21, 2021
0

https://bit.ly/2VOxuoBhttps://bit.ly/2VOxuoBhttps://bit.ly/2VOxuoB
ADVERTISEMENT

Join our Mailing List

Loading

Recent Posts

Finnfund & Norfund double Starsight’s funding to $20 million for Ghana expansion

January 23, 2021

African tech startup funding passes $700m in 2020 despite COVID-19

January 23, 2021
Toshiba

Chrome Now Helps You Change Weak Passwords

January 23, 2021
Toshiba

Shoppable Ad Formats Are Coming Soon To Youtube

January 23, 2021

Hero MotoCorp Surpasses the Monumental 100M Cumulative Production Milestone

January 23, 2021
">
">

Follow Us

">

There are many sites out there focused on blowing off some steam, from funny entertainment to thrilling experiences like playing online, in some cases online gaming could grant you the chance to win extra money. We came across rocketpot.io while browsing for a good btc casino online and it left us a very good impression with their wide variety of games and crypto offering.

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

© 2019 Moran Media Group - All rights reserved TechMoran.

No Result
View All Result
  • Startups
  • Reviews
  • Insider
    • Obituaries
  • Business
  • Women
  • Blockchain
  • Columnists
  • Hacks & Facts
    • How To
  • Editions
    • US Edition
    • India Edition
    • MENA Edition
    • Asia Edition
    • Europe Edition
    • International Edition

© 2019 Moran Media Group - All rights reserved TechMoran.

Login to your account below

Forgotten Password? Sign Up

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.
%d bloggers like this: