The security website Heimdal Security has learned about a new criminal email campaign targeting random email addresses with infected attachments designed to steal banking and financial information from its victims.
Using the names of trusted companies, criminals attempt to gain the confidence of victims, urging them to open and review a scanned document about a piece of equipment such as a copier, printer, etc. Once the victim opens the attachment, macros automatically fire and start downloading the Dridex malware program, attempting to access their prey’s financial data, logons, and passwords.
Hiding in memory, Dridex relies on stealth to evade antivirus and anti-malware security programs and has a very low detection rate. This is a nasty and dangerous virus, stealing confidential information before the victim is even aware of what’s happening.
Protect yourself and your business by making sure you and your employees practice good online computing habits:
- Use strong passwords of at least 14 (preferably 20) characters in length with a combination of uppercase and lowercase letters, special characters, and numbers. Use a password manager like Dashlane or KeePass to keep your passwords safe.
- Never use the same password for different applications. If you do, then all the thief has to do is crack one password to get access to all of your systems.
- Where possible, use two-factor authentication for financial and confidential sites.
- NEVER open or download email attachments from unknown senders, and make it a habit to scan attachments with your antivirus program even when they come from a trusted source. Please note: this is not a fail-safe method, but it does afford some protection.
- Do not click on any link in an email, especially from untrusted or unknown senders.
- Make sure that the financial sites you’re accessing are secure. ALWAYS look for the green padlock icon to the left of the URL BEFORE using the site.
- If possible, restrict access to financial sites to one (1) workstation that is not connected to your business network and is not used to access the internet in general. This workstation should be secured, have up-to-date antivirus and anti-malware protection, and be locked down to prevent unauthorized access.
- Make it a habit to visit our blog, “The letter X”, for more tips on keeping you and your business safe online.
Want to learn more and be up-to-date on the latest threats to your company’s security? Then follow XSolutions on LinkedIn. If you’d like, personally connect with me on LinkedIn (https://www.linkedin.com/in/josephimperatosr). I have over 1500 connections and always have room for more.
We appreciate your readership. You’ll learn about the latest cyber-threats and how to protect your company from becoming a victim. Knowledge is power! See you on LinkedIn.
XSolutions is a Managed Services Provider (MSP) and provides 24/7/365 remote monitoring, scheduled workstation and server maintenance, Help Desk Services, Cloud & Hosted Services, Backup/Disaster Recovery, and Software Development. Call us at (845) 362-9675 and see how we can help your company.