We’re always warning you about the latest scams making the rounds. That’s because cybercriminals are relentless with their never-ending attacks.
Ransomware, spoofed websites, and malicious apps are just a few devious tricks up their sleeves. Many new attacks are just different versions of older ones that have been tweaked just a little.
This is exactly what’s happening right now.
Malware is being spread worldwide in a sneaky way that we’ve seen before.
Don’t be the next victim of this sneaky scam
We’re talking about a new phishing attack that was recently discovered by security researchers from LMNTRIX. The malware spreading attack is being dubbed “Special Ear,” after a line of code found in the malware.
What’s happening is, a sophisticated hacking group is sending phishing emails to people all over the world. The emails contain malicious links that will infect the victim’s gadget with trojan malware.
If infected with this malware, the attackers are able to steal victims’ credentials by logging keystrokes from their device. It can also give attackers remote access to compromised gadgets.
This malware campaign has been active for a couple months now. Researchers believe the attack originated from China because they found Chinese phrases in the malicious code.
These types of phishing emails have a pretty high success rate. That’s because they are disguised as purchase orders that supposedly contain a link to an invoice of a purchase you made. Even if you haven’t made a purchase, you might click the link to find out what you have been charged.
Here is an example of a ‘Special Ear’ phishing email:
Image: Special Ear phishing email. (Source: LMNTRIX)
Staying on top of circulating threats is a great way to avoid falling victim to them. Another way is being able to spot a phishing email. Keep reading for suggestions.
Suggestions to defeat phishing attacks
This isn’t the first phishing email and definitely won’t be the last. That’s why it’s important to know how to handle these scams when they appear in your inbox.
Be cautious with links
Do not follow web links in unsolicited email messages, it could be a phishing attack. Cybercriminals always take advantage of popular websites and trending news stories to try and find new victims.
One thing to watch for with phishing emails are typos, criminals are typically careless with spelling and grammar. If you receive an email or notification from a reputable company, it should not contain typos. Take our phishing IQ test to see if you can spot a fake email.
Set up two-factor authentication
Two-factor authentication, also known as two-step verification, means that to log in to your account, you need two ways to prove you are who you say you are. This adds an extra layer of security and should be used whenever a site makes it available. Click here to learn how to set up two-factor authentication.
Use unique passwords
Many people use the same password for multiple websites. This is a terrible mistake. If your credentials are stolen from one site and you use the same username and/or password on others, it’s easy for the cybercriminal to get into each account. Click here to find out how to create hack-proof passwords.
Have strong security software
Having strong protection on your family’s gadgets is very important. One of the best defenses against digital threats is strong anti-virus software.
Backup your critical files
Backing up your critical files is important with all the digital threats we face. We recommend our sponsor, IDrive, for fast and reliable cloud backups.
Have a question about phishing attacks or anything tech related? Kim has your answer! Click here to send Kim a question.