Cybercriminals Spearphish Victims to Steal Money, Data
Note: We may earn a commission from products or services when you click on a link and make a purchase.
The US Cybersecurity and Infrastructure Security Agency (CISA) and the US Federal Bureau of Investigation (FBI) issued Alert (AA21-076A) warning of active TrickBot Malware campaigns. In their latest efforts, cybercriminals send spearphishing emails claiming the victim is accused of a traffic violation.
TrickBot malware spearphishing emails sent to victims contain malicious email attachments or links to harmful websites. If the victim is fooled and clicks on the link or downloads the attachment, their device is infected with TrickBot malware
In these recent attacks, the cybercriminals send spearphishing emails claiming that the target is responsible for a traffic violation. They are scared into thinking they must go to a website to see the evidence of their infraction.
The links in the spearphishing email direct the victim to a malicious website that supposedly shows photos and evidence of the violation. If the victim clicks on a photo it downloads a harmful JavaScript file. When the file is opened it downloads TrickBot malware to their device.
TrickBot was first seen in 2016. The Feds says that TrickBot attacks continue to spread across North America.
The malware steals information such as login credentials and banking information. IT can also spread malware laterally across an IT network. It can also be used for data exfiltration and cryptomining,
SEE ALSO TrickBot Spreads Through Labor Department Emails
What is TrickBot?
TrickBot is a banking Trojan used originally used to infect computers and steal money from victims.
“Originally designed as a banking Trojan to steal financial data, TrickBot has evolved into highly modular, multi-stage malware that provides its operators a full suite of tools to conduct a myriad of illegal cyber activities,” says the CISA and FBI joint alert.
How to Defend Against TrickBot Malware
Learn how malware tricks victims. Read our guides on social engineering (click here) and spear phishing (click here)
- Use and a reliable antivirus program to detect phishing emails and malicious websites
- Keep all devices secure with the latest updates. You can set your devices to update automatically
- Attackers can use TrickBot to drop other malware to further compromise infected devices and steal money or information.
- Use a password app to create and save strong passwords for every online account
- Click here for a PDF version of this alert. Download the CISA Fact Sheet: TrickBot Malware
