Even in 2022, phishing emails remain a big danger for PC users
If 2022 proves one thing, it’s that it’s not just your grandparents’ computer that you need to worry about. In the age of Discord-hosted malware and NFTs, your digital data faces more threats than ever before. It’s easy to forget that something as simple as a phishing email exists and poses a big problem for people’s security.
Some websites have reported an increase in phishing emails trying to install malware on unsuspecting PCs. According to The Register, bad actors are using compromised Microsoft Exchange servers to send spam. The email attachment is an encrypted file, usually a .zip, which contains the malware known as IcedID.
The .zip files usually come with a password needed to unzip them. In the email, this is presented as a layer of security to help victims feel more at ease. Instead, entering the password will allow IcedID to be installed on the computer immediately.
This malware then provides a backdoor that criminals can use to install further malware. Often, this access is sold to another party who wants to install ransomware on the machine.
Intezer further explains that the reason these emails are so convincing is thread hijacking. Emails containing malware are often presented as replies to previously stolen emails, making them appear more legitimate and less random. Intezer also took an in-depth look at how this new attack campaign works, which is worth a read for anyone interested in the ins and outs of how their computers are attacked.
So far, the emails appear to have used fairly consistent language asking for outstanding payments for recent contracts. This is all intentionally vague, which should raise a red flag for many. The contract details are supposedly in the malicious attachment, which you need to unlock with the provided code. We recommend that you do not do this, and maybe check all of these passwords while you are at it.
As always, downloading something from an email, especially in a compressed format, is risky business. But it's understandable that people get caught out when the email appears to be from a known source. This is just another reminder to always be vigilant against cyber attacks.