Hackers Using Your Stolen Credentials Against You in Latest Attack

You might be wondering what happens when all those millions of credentials are stolen and sold on the dark web. You might be one of the 117 million LinkedIn users who was a victim recently. Cybercriminals are using the information in various ways. One of them is posing as legitimate colleagues in phishing emails.

In some cases, they send a message with the subject line of “unpaid invoice” or something similar. Inside is a Microsoft Word document that includes common malware like the PandaBanker Trojan that will infect your computer and steal your online banking credentials.

To avoid this, watch for some red flags that the message is indeed phishing:

• Unexpected attachments or links included in the message.
• A supposed invoice is included.
• A dialogue appears asking you to enable macros.
• Information from your LinkedIn or other social media or networking profile is included in the message.

Be cautious about the information you post on social media or professional networking sites. This is often used for targeted phishing attacks (spear-phishing) and are so well done in many cases, that if you are not paying attention, you could fall victim. Beware of popup or warning fatigue. This happens when a user gets inundated with dialogue messages whenever browsing the web. The hackers count on this happening and will implement malware behind those buttons. If you click the wrong one, you may lose a lot more than patience, especially if the malware is PandaBanker or others like it.

In addition, never enable macros unless you are 100% certain that it is necessary or that you created them yourself or someone you know created them. Macro malware is on the rise these days and has been seen in a lot of the newly created versions of older malware such as Dridex, which is found in 15,000 messages per day and is responsible for an estimated $15 million in corporate account takeover losses alone.

© Copyright 2016 Stickley on Security