Catch of the Week
- October 16, 2020
- Posted by: Kerry Tomlinson, Archer News
- Categories: Archer News, Cyber Crime, Cyber Crime, Cyberattack, Posts with image
We’re starting a new feature here at Archer News. We alert you to phishing messages people are talking about this week that could land in your inbox.
Many cyber attacks start with a simple phish — click on the links, and they can steal passwords and money, download ransomware and more. You can stop some cyber crooks simply by being aware of their tricks.
You’ve got COVID. At least, that’s what the message tells you:
“Hey now lad it looks like you’ve got the old cheeky Corona. Best be clicking this link.”
It looks like it came from the official message service of the Irish government. But it’s a fake.
Luckily, this phish just a demonstration of how attackers can fake these crucial alert messages and send them to your phone.
Security hacker Jake Davis sent the message to a friend — with his friend’s permission — to show that the Irish government’s COVID messaging service is hackable. In March, he made a similar demonstration with a message that looked like it came from the British government’s service.
While these are just demos, real government COVID scam text messages are indeed going around. The risk is that you click on the link and give away personal information like your passwords or download malware onto your device.
Unable to Enable
This phish tries to trick you into enabling certain tools that let the attacker in.
If you allow the use of macros — a shortcut tool — attackers can use that shortcut to hack you. Normally, your macros are turned off, shutting off that attack route. But this message tries to get you to unlock the doors.
It claims that to read an attachment, you will need to ‘enable editing’ and ‘enable content’, according to Bleeping Computer.
“This [sic] steps are required to fully decrypt the document, encrypted by corporative [sic] firewall,” it says.
Follow the steps, and you’ll let attackers using the botnet Qbot into your machine to cause trouble, Bleeping Computer said. That includes stealing your banking and Windows passwords as well as giving access to crooks who want to plant ransomware.
Enabling, Part Two
Another series of emails tries a similar trick, ZDNet reported this week.
It says that “some apps need to be updated” because they aren’t compatible with this file format.” To see it, you need to “click Enable Editing and then click Enable Content.”
In this case, however, you will download malware from the Emotet botnet, according to ZDNet.
If a message asks you to follow these steps, verify that it’s a real message first.
Out of Bounds
Finally, watch out for messages sending you to fake FIFA video game sites.
FIFA 21 came out last week. It’s part of the popular FIFA series, recognized on the Guinness World Records site as the best selling sports video game series in the world in 2018.
Scammers will be sending messages, posting on social media and making fake sites to lure you in, reported Malwarebytes.
The attackers will also make fake Instagram, Facebook and other social media accounts that will steer you toward their phishing sites, all with the goal of stealing passwords and in-game currency.
Main image: Technology fish. Image: Gyro/iStock