It Pays to make your Organization Cyber Security Aware!

February 25, 2020

According to zdnet, “A notorious malware campaign is targeting banks and financial institutions in the US and the UK with cyber attacks that are not only destructive in their own right, but could also be used as the basis for future intrusions by other hackers”.

There has been a spike in phishing activity recently. This phishing campaign is stealthily distributing emotet, a malware which was earlier a banking trojan but now it has evolved into a botnet. The operators of this botnet are leasing out it’s capabilities to people who want to spread their own malware to plant a backdoor into other machines.

A phishing mail normally tricks people into revealing their confidential information like usernames, passwords, credit card data, etc., It also can lure people into clicking an attachment which can help plant a malware into the system. A lot of username databases are available on the darknet which is normally used to send emails.

A trojan is actually a backdoor into a machine and through this backdoor a criminal gets remote access to the machine. Through this access the criminal tries to get privilege escalation. Once the criminal gets the required privileges he can control the system.

A botnet is a collection of internet connected devices whose security has been breached and the control is actually with a third party (criminal).

Now this phishing campaign is spreading the trojan namely emotet. Emotet has evolved into a botnet. Hence your system also becomes a part of the botnet and can be used to spread malware to other systems. Emotet starts gathering all the sensitive information. The information can be anything from customers bank account details, their credit card details, important business documents, etc.,

The campaign is actually sending fake invoices as a Microsoft word document and tricks the target into enabling the macros. Once the macros are enabled this document installs emotet on the machine.

Preventive measures:

  • The most important step is to make people CyberSecurity aware.
  • Always keep your system updated.
  • Install the latest available security patches.
  • Never open a mail from unknown sources.
  • Never enter your personal details and any other sensitive info in a pop up window.
  • Install a phishing filter on your email application and also on your web browser. These filters will not keep out all phishing messages, but they will reduce the number of phishing attempts.

Theta432 can help your organization through a  proactive model of securityawareness training with simulated Advanced Virtual Attacks. Click to know more.