Trickbot can now obtain your remote access credentials

The banking Trojan Trickbot has been updated and can now harvest usernames and passwords from remote access applications. This would allow the hacker to log in to systems remotely using the stolen credentials.

<strong><em>Infection chain for the malware</em></strong>

Trend Micro analysts stated: “The malware arrives via an email disguised as a tax incentive notification from a major financial services company. This email includes a macro-enabled (XLSM) Microsoft Excel spreadsheet attachment (detected as Trojan.W97M.MERETAM.A) that purportedly contains the details of the tax incentive. However, as these attachments usually go, this macro is malicious and will download and deploy Trickbot on the user’s machine once activated.”


The figure below shows the email a target receives, with the malware payload disguised as an attached Excel document. Please be vigilant: don’t open an attachment unless you know who it is from and are expecting it.

The spam email containing the malicious macro-enabled attachment.

 

You can stay safer by following best practices against spam. This includes being aware of the main characteristics of a spam email, such as a suspicious sender address and unexpected attachments. We also recommend that users be cautious about email messages that instruct them to enable macros in Word or Excel attachments.
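The macro-enabled attachment described above can also be flagged automatically before a user ever opens it. The following is an added example, not code from the original post or from Trend Micro: it walks a message's attachments and reports any Office Open XML file that carries a VBA project, regardless of its file extension. The sample message, file names and function names are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

# Main-part content types that mark an OOXML file as macro-enabled.
MACRO_MAIN_TYPES = (
    "application/vnd.ms-excel.sheet.macroEnabled.main+xml",
    "application/vnd.ms-word.document.macroEnabled.main+xml",
)

def ooxml_has_macros(data: bytes) -> bool:
    """True if the bytes are an OOXML (zip) package carrying a VBA project."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return False  # legacy OLE2 .xls/.doc files need a different parser
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = zf.namelist()
        if any(n.lower().endswith("vbaproject.bin") for n in names):
            return True
        if "[Content_Types].xml" in names:
            ct = zf.read("[Content_Types].xml").decode("utf-8", "replace")
            return any(t in ct for t in MACRO_MAIN_TYPES)
    return False

def macro_attachments(raw_message: bytes) -> list:
    """Return the filenames of attachments that contain Office macros."""
    flagged = []
    for part in message_from_bytes(raw_message).walk():
        name = part.get_filename()
        payload = part.get_payload(decode=True)  # None for multipart containers
        if name and payload and ooxml_has_macros(payload):
            flagged.append(name)
    return flagged

def build_sample_message() -> bytes:
    """Constructed sample: a workbook with a VBA part named .xlsx, plus a benign file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("xl/vbaProject.bin", b"constructed placeholder, not real VBA")
    msg = EmailMessage()
    msg["Subject"] = "Tax incentive notification (constructed sample)"
    msg.set_content("See attached.")
    for data, fname in ((buf.getvalue(), "details.xlsx"), (b"hello", "note.bin")):
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg.as_bytes()
```

Calling `macro_attachments(build_sample_message())` flags only the workbook, even though it was renamed to `.xlsx`, because the check looks at the package contents rather than the extension.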

Patrick Domingues
