Phishing alert: This fake email about a bank payment delivers trojan malware | ZDNet
Researchers detail new attacks using a new version of keylogging and information-stealing Remcos malware.
A highly customizable form of trojan malware has returned and is being distributed via phishing emails claiming that a payment is being made to their bank account. Researchers at Fortinet have uncovered a new Remcos campaign – with the new variant titled “2.5.0 Pro” – these attacks begin with an attempt to trick the victim into opening a malicious ZIP file under the pretense of payments being made into a bank account. The phishing email users spoofing to make it look as if it comes from a valid domain.
According to Colin Bastable, CEO of Lucy Security:
“Small and Medium Businesses (SMBs) are especially vulnerable to these types of attacks, because they tend to reply on traditional anti-virus and firewall defenses. The most single most effective component of any organization’s cyber security defense is its people. By teaching staff to be cyber-secure, using real-world simulated attacks and varied, fresh and interesting training content, businesses will identify those most at risk of falling for Remcos and other malware attacks, and reduce the risk ten-fold. The fact is, all organizations have defensive flaws. Cybersecurity defenses work best by treating people and systems in a holistic manner: hackers are looking for low-hanging fruit: they rarely invest time penetrating sound defenses when they can make a quick return from less-secure victims. When staff do fall for simulated malware attacks, a vital question, “what if that was a real attack?” needs to be answered. SMBs and others can “war-game” such scenarios by running +low hanging fruit collectors”, or technical malware test suites, to discover system weaknesses and other unknown vulnerabilities.”