With scammers lurking around every digital corner, it's extremely important that we're careful with sensitive data. The last thing that you need is to have that information fall into the wrong hands.
That's exactly what's happening to victims right now in over 40 countries, including the U.S. A tricky version of malware is spreading quickly and it could drain your bank accounts.
Watch out for this tricky malware
We're talking about the Trickbot banking Trojan that is being spread through phishing emails. Scammers are sending fraudulent emails purporting to be from the recipient's banking institution.
The fraudulent email looks like a bill that is due and has either a PDF, Excel or Word document attached with more details. If you click on the link, a Trickbot banking Trojan will be installed onto your gadget.
Once the Trojan infects a victim's gadget, malware runs in the background, waiting for the user to visit their banking website. When they try to visit their bank online, Trickbot sends them to a spoofed site. It looks official so a large number of people are falling for it.
The spoofed site requires the user to enter their banking credentials. When they do, they're just handing them over to cybercriminals.
The group behind this version of malware is believed to be an organized cybercrime syndicate. It's not expected to go away anytime soon.
The best thing you can do to stay safe is to NOT click on links within emails that are unsolicited. If you need to correspond with your financial institution, call its phone number listed on the back of your credit or debit card or type its web address directly into your browser. Keep reading for more helpful suggestions.
Be cautious with links
Do not follow web links in unsolicited email messages, it could be a phishing attack. Cybercriminals always take advantage of popular websites and trending news stories to try and find new victims. That's why you need to be able to recognize a phishing scam.
One thing to watch for with phishing attacks are typos, criminals are typically careless with spelling and grammar. If you receive an email or notification from a reputable company, it should not contain typos. Take our phishing IQ test to see if you can spot a fake email.
Have strong security software
Make sure you're using strong antivirus software on all of your gadgets. And keep them up-to-date for the best protection. This is the best way to keep your device from being infected with malware.
Set up two-factor authentication
Two-factor authentication, also known as two-step verification, means that to log in to your account, you need two ways to prove you are who you say you are. It's like the DMV or bank asking for two forms of ID. This adds an extra layer of security and should be used whenever a site makes it available. Click here to learn how to set up two-factor authentication.
Use unique passwords
Many people use the same password for multiple websites. This is a terrible mistake. If your credentials are stolen on one site and you use the same username and/or password on others, it's easy for the cybercriminal to get into each account. Click here to find out how to create hack-proof passwords.
Do not disclose sensitive data
Unsuspecting people are mistakenly handing over sensitive information to scammers all too often. If you receive an unsolicited email, do not reply with personal information. You don't want it to fall into the hands of criminals. If a company that you do business with on a regular basis emails you and asks for personal information, type the company's official web address into your browser and go there directly to be safe.
Protect your critical data
As we said earlier, cybercriminals are lurking around every digital corner. That's why you should always keep a backup of your data, so you can restore your device in case of an emergency. We recommend using an online backup service such as our sponsor IDrive.
With IDrive, you can backup all your PCs, Macs and mobile devices into ONE account for one low cost. Also, it has recently added a new feature called Snapshots.
IDrive Snapshots is a historical view of user data stored in your IDrive account, which allows users to perform point-in-time recovery of their critical files. If your data gets infected with encryption based ransomware, all you have to do is select a timeline before infection and restore it.
Speaking of your credentials, read this for 3 ways to craft great passwords based on new research
It's so frustrating to be stopped midstream during the workday to reset passwords. It's worse when you're in a rush and all of a sudden you see, "Incorrect password." This huge headache makes you grit your teeth and you finally decide to use a go-to password. But you don't have to.