Tuesday, June 22, 2021
Home windows news Microsoft Security Intelligence exposes phishing scheme that could be affecting you right...

Microsoft Security Intelligence exposes phishing scheme that could be affecting you right now

Windows Defender HeroSource: Dan Thorp-Lancaster / Windows Central

Today in predictable cybercrime, there’s a campaign going on wherein phishers are targeting people in the travel and aerospace industries with malicious emails containing loaders that pave the way for remote access Trojans (RATs) to steal data. Microsoft Security Intelligence exposed the whole operation over on Twitter.

It’s a classic phishing scheme: The bad actor pretends to be a legitimate organization or individual and whips up a very, very convincing email to enhance the legitimacy of the act. That email contains an attachment disguised as a PDF. The second it’s clicked, the RAT — in this specific campaign’s case, RevengeRAT or AsyncRAT — then gets to work on stealing your data.

VPN Deals: Lifetime license for $16, monthly plans at $1 & more

What data will it go after? Screenshots, credentials, browser data, network info, and even webcam data. Has your webcam seen anything lately you wouldn’t be proud of certain eyes stealing a look at? Then beware.

You’re not without help, though. Microsoft has published advanced hunting queries over on GitHub to help you suss out attacks in your environment.

As mentioned, this campaign is targeting two massive industries at an organizational level rather than individuals. However, individuals make up said organizations, so if you happen to work in the travel or aerospace sectors, you might be one of the people targeted by these annoying phishing attacks. Watch out for bad folks posing as good folks, always triple-check that attachments are what they claim to be, and stay safe out there.



Please enter your comment!
Please enter your name here

This website uses cookies. By continuing to use this site, you accept our use of cookies.