Hackers are constantly tweaking the malware they design in ways that make them more effective, more annoying, and more dangerous. These days, it isn’t enough just to have a piece of software that steals passwords or spies on keyboards — the program should also install ransomware or self replicate in order to stand apart from the biggest names on the Dark Web.
Because of this sense of competition between hackers, it’s inevitable that malware will only become more aggressive as time goes on. For a perfect example, look no further than the TrickBot malware — a program designed to compromise emails. It’s been around for a while, but now, researchers have noticed it’s spreading fast due to a sneaky trick it pulls on hapless accounts!
TrickBot’s new tricks have put security researchers on alert, but not everyone is sure of the best techniques to stop the rising threat. Here’s everything you need to know about TrickBot’s sneaky tactics, and what to look out for if you want to keep your inbox free from harm (and malware, of course.)
TrickBot’s tricky tactics
TrickBot isn’t a particularly new malware, but its effects are still being felt across large swaths of the internet. The program first emerged sometime around 2016, but recently, it’s been displaying some new abilities that are concerning cybersecurity researchers.
TrickBot works primarily by compromising email and bank accounts as it circulates through spam messages. According to new research from cybersecurity firm Deep Instinct, however, TrickBot has started doing something new. It’s been actively harvesting credentials from the email accounts it’s compromised — and it’s using these stolen accounts to spread its tentacles even further!
If an account has already been captured by TrickBot, this new tactic called “TrickBoost” allows it to harness the login information and send messages with the malware attached to contacts associated with that email account. Once it’s finished, TrickBot deletes the messages it recently sent. That way, the original account owner has no idea what happened.
The new method of attack has apparently been lucrative for TrickBot — as Deep Instinct’s investigation revealed a database containing over 250 million compromised accounts. Worse yet, many of these accounts appeared to be U.S. government-owned, along with other accounts belonging to the U.K. and Canadian governments.
How can I protect myself from TrickBot
Since the malware is able to delete its own activities, detecting its presence on your email account can be tricky. The malware exists solely to compromise email accounts and will not be easy to find on your computer.
As of now, the best approach an ordinary internet user can take is to use extreme caution when opening emails from unknown senders. This is the primary vector that cybercriminals use to distribute malware, so pay close attention to any unusual emails you might receive. They just may contain a bit of hostile code that can compromise your account!
Another thing to be keenly aware of is phishing tactics. If you find yourself opening an email and suddenly, you’re asked to log in to your Facebook or email account again, don’t do it!
Phishing works by tricking you into giving up your login information. If you find yourself with a login request that you, personally, did not ask for, make sure to close the page. You can try navigating to Facebook or whichever social network was requested manually after this. If you’re already logged in, that’s a red flag the email you received was a trick to steal your credentials.
Caution and vigilance are necessary in order to make the internet a safer place for everyone. By being safe with opening emails, not only are you protecting yourself, you’re stopping the spread of something that can harm others. That, itself, is the biggest help you can offer in the war against cybercrime.