Belarusians warned of increased threat of money theft
Last year, an increase in incidents related to the theft of funds using malicious software was recorded, Belta reports with reference to the center’s experts. Both legal entities and individuals were subjected to attacks, in relation to which fraudulent calling schemes (vishing) were used.
The beginning of 2020 shows that the trend continues. Attackers adapted to Belarusian banks and remote banking services (RBS), began to systematically prepare entire campaigns.
“In January, attackers began to use malware (malware) such as Emotet, which refers to the so-called bankers (malware that specializes in stealing banking information: bank details, account passwords, etc.). If any infected machines are used RBS, then there is a high probability that attackers will steal funds, "noted Cert.by.
A feature of the latest mailing list is the use of malicious emails from completely legitimate mail servers, to which unauthorized access was previously obtained. “Such access can be the result of improper server settings, credential selection (weak passwords, the same passwords used on different services), preliminary infection of the user's computer, and credential theft. Among the servers there are both located in a foreign domain zone and in our zone BY. When mailing, the letter contains the archive “Securing the contract for the last week. 001”, which contains the executable file with the same name and extension. ". The text referred to the need to translate a fee under the contract", - told the Center.
Attackers compose letters in such a way as to force the user to follow the link and/or open the file under various pretexts. “There is no universal and more reliable remedy for phishing than vigilance and healthy suspiciousness,” the center emphasized.
Compliance with several rules will reduce the likelihood of falling into the bait of scammers. First, you need to be careful and suspicious of all letters with attachments as well as with links. Even if they came from a familiar address, this does not guarantee that they are safe: the sender's box could be hacked. Upon receipt of unexpected suspicious letters, it is advisable to contact the sender in any alternative way and to determine whether he sent it.
The links in the letter must be checked for spelling errors - even minor ones. Mistakes are a clear sign of fake email. Of course, the use of licensed antivirus software is also important. Although it does not provide 100% guaranteed protection against infection, it allows you to protect yourself against already well-known and widespread threats.