Skip to Content
© Natalia Vavilina | Dreamstime.com
Security & privacy

Dangerous new malware installs keylogger to swipe your banking info

Data breaches and cyberattacks are so common these days that you may have been affected by one without ever knowing. According to reports, the average American had their data stolen at least four times during the past year, and that’s not only people with weak passwords or lackluster security settings.

How are hackers getting all this data so easily? Well, for starters, tactics like phishing and malicious email attachments actually work — and COVID-19 has given cybercriminals even more opportunity to wreak havoc on unsuspecting victims. Tap or click here to see why there are so many COVID-19 scams floating around.

And now, a new COVID-19-themed phishing campaign is taking things a step further by introducing a piece of malware that can track what you type on your keyboard. If your computer is infected, you could be handing over your credit card data without realizing it. Here’s what to look out for, as well as how you can stay safe.

Lokibot causes chaos

Microsoft has issued an urgent warning regarding a phishing campaign that installs a keylogger on your device. Emails sent out by the campaign include the dangerous “Lokibot” malware, which is one of the first in its genre to use COVID-19-related subjects to trick its victims.

When Lokibot makes its way on to your system, it lies in wait for you to access specific platforms like bank websites, PayPal and other financial platforms. Once you log into your account on these sites, Lokibot spies on the keys you strike and reports that data back to the crooks. It’s a perfect way to gain access without breaking and entry.

Previously, COVID-19-related phishing campaigns would use news about the virus, treatments or health authorities to deceive victims. But now that several states are easing stay-at-home restrictions for citizens, campaigns like this one are changing their language around.

In particular, this one (from the “Center for Disease Control & Management, no less) promises an “announcement” related to “Business Continuity Plans,” which may be enough to trick a well-meaning business owner into opening. Unfortunately, the real organization is the Centers for Disease Control & Prevention, making this one a class-A fake.

I guess it goes to show you that hackers are paying attention to the news, too.

How can I protect myself from Lokibot?

Lokibot is part of a large family of so-called “spyware” programs, which snitch your personal data back to their distributors. Keyloggers are some of the most dangerous kinds of spyware, which is why avoiding unfamiliar emails and attachments is so important to your safety these days.

Fortunately, this particular campaign was detected by Microsoft’s Threat Protection’s machine learning algorithms. According to BleepingComputer, this allowed Microsoft to catch and identify the malware before it had a chance to gain major traction, and now all Windows Defender users are protected from Lokibot automatically.

If you’re running Windows 10, you automatically have Windows Defender installed to protect your computer. You’ll just need to make sure it’s updated to the most recent version of Windows 10 so it has the most current malware definitions. Tap or click here to see how to update to the latest Windows 10 patch.

If you fear you’ve been hit by this malware already, your best move now is to bunker down and protect your identity. You’ll want to change important passwords for your social media accounts, enable two-factor authentication where applicable and potentially freeze your credit. Tap or click here to find out how you can set up 2FA for your favorite websites.

In addition, signing up for an identity protection service can save you the hassle of recovering lost money and calling creditors. We recommend our sponsor Identity Guard, which includes a robust suite of security features like bank alerts, threat analysis and dark web monitoring for your most valuable logins.

Get up to 33% off for Kim’s audience only, with plans starting at less than $7 a month at IdentityGuard.com/Kim.

Even if you have the strongest security in the world, falling victim to a phishing campaign can make it all for naught. Stay vigilant, and keep your eyes open for strange links, shady emails and mysterious attachments. If the language seems off and the subject matter seems too timely, you might want to think twice about opening that message.

Komando.com App background

Check out the free Komando.com App!

Get the latest tech updates and breaking news on the go, straight to your phone, with the Komando.com App, available in the Apple Store and Google Play Store.

Download Now