We've been seeing plenty of phishing scams lately. These are when cybercriminals try to get unsuspecting victims to click on a malicious link to steal their private information. It's usually carried out through an email where the scammer imitates a legitimate person or business.
Thieves will go through great lengths to create a message that appears to be from someone you trust. The latest attack that you need to know about is a malicious email claiming to be from Microsoft.
The email has a subject line that states, "Your Banking Assets Are Blocked." The message claims to be from Benedict Brown, who is representing Microsoft Security Office. Warning: This is a fake email and contains a malicious link.
How this phishing attack works
As you can see in the image above, the message tells the recipient that suspicious activity has been found with their bank accounts. It goes on to claim that their computer is infected with a virus or an exploit impacting banking operations.
The scammer says they have included a full report containing all relevant information pertaining to the suspicious activity. The recipient is then asked to download the report from an official server by clicking a link at the bottom of the message.
The link will actually take you to a malicious site that could infect your gadget with malware. Once you get to the site, you'll be asked to open a malicious Office document. Then you will be asked to enable macros to view the document.
If you enable macros, your gadget will be infected with Neutrino bot malware. This malware allows the scammer to do several things:
- Steal personal data - The cybercriminal can capture keystrokes, do form grabbing, and take screenshots from your gadget.
- Perform DDoS attacks - DDoS stands for "distributed denial of service," which is a techy way of saying "crashing a system or the whole internet." It works when a targeted website or server is flooded by an overwhelming amount of requests from millions of connected machines in order to bring it down.
- Download more malware
- Make spoof DNS requests - Domain Name Server (DNS) spoofing is when cybercriminals exploit vulnerabilities found in the domain name server. They do this to redirect traffic from legit servers to fake ones.
If you receive this email, delete it immediately. You also need to know how to prevent falling victim to a phishing scam.
How to avoid phishing attacks
- Be cautious with links - If you get an email or notification that you find suspicious, don't click on its links. It's better to type the website's address directly into a browser. Before you ever click on a link, hover over it with your mouse to see where it is going to take you. If the destination isn't what the link claims, do not click on it.
- Do NOT enable macros - You should never download Word or Excel files attached to unsolicited emails to begin with. If you do open one of these documents and it says that you need to turn on macros, close the file and delete it immediately.
- Do an online search - If you get a notification about something that seems shady, do an online search on the topic. If it's a scam, there are probably people online complaining about it and you can find more information.
- Watch for typos - Phishing scams are infamous for having typos. If you receive an email or notification from a reputable company, it should not contain typos.
- Know what phishing emails look like - Typically, there are signs that give away the fact that an email is fake. Can you spot one? Take our phishing IQ test to find out.
- Use multi-level authentication - When available, you should be using multi-level authentication. This is when you have at least two forms of verification, such as a password and a security question before you log into any sensitive accounts. Click here to learn more about two-factor authentication.
- Have strong security software - Having strong protection on your family's gadgets is very important. The best defense against digital threats is strong security software.