Gadgets Beat
  • NEWS
  • SMARTPHONES
  • GADGETS
  • HOW-TO / GUIDES
  • SOFTWARE & APPS
  • REVIEWS
  • EDITORIALS
No Result
View All Result
Gadgets Beat
  • NEWS
  • SMARTPHONES
  • GADGETS
  • HOW-TO / GUIDES
  • SOFTWARE & APPS
  • REVIEWS
  • EDITORIALS
No Result
View All Result
Gadgets Beat
No Result
View All Result
Home News

Emails scam tries to trick users into installing a dangerous malware

by Kriti Agrawal
March 23, 2020
Emails scam tries to trick users into installing a dangerous malware

Security researchers have discovered a new campaign, which appears to be trying to trick victims into installing a malicious attachment, much like similar other campaigns. Hackers may be distributing malicious payload into the victim’s computer with the help of fake emails from companies like Uber, UPS, Invoicely, QuickBooks and Secure Parking.

The emails consist of a document requesting to be signed using the DocuSign software, which enables organizations to manage e-documents.

Cybercriminals delivering malware through Word document attachments have become highly common these days. However, the subject lines differ from case to case. Sometimes, hackers would use the subject line “files” or “paperwork“. At times, they would use “documents” in the subject line.

In other similar campaigns, hackers would use email subjects like “Private info belonging to your friend has been stolen“, “Your colleague’s account was compromised” or “We have got access to your friend’s account“.

The payload gets installed only after users open the MS Word document attachment. The document users “Enable content” in order to make sure that the macro is executed on the machine. Interestingly, researchers have observed that all emails contain exactly the same macro content. After the macros run, a PowerShell command executes in the background.

“The senders identify themselves as the Red Skull hacker crew and claim to have hacked into someone’s account. They apparently found an intimate picture of his girlfriend and threatened that person to distribute the picture to his complete contact list.”

Ultimately, the execution of macros installs ransomware onto the victim’s computer, usually demanding $500. Upon failing to pay money, the picture would be sent to the victim’s contact.

Researchers recommend users that they should refrain from clicking or opening links in emails directly, instead type in the main URL in your browser or search the brand/company via a search engine.

Also Read: 

  • Google removing thousands of fake videos on Coronavirus from YouTube
  • India likely to beat China in terms of global smartphone production in the future
Source: IBM X-Force
Tags: Cyber Security

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

LATEST NEWS

Jabra Evolve2 75 Headset To Re-energise Hybrid Working Launched in India

How to Reset Network Settings on iPhone, iPad, iPod [iOS & iPadOS]

Fix Google Pay Error: Please Exit Any Apps That Might Be Drawing Over The Screen And Try Again

How to Download and Save Instagram Reels in Gallery

How to Remove Profile Picture from Google Account [Gmail, Google Meet, YouTube]

  • ABOUT
  • CONTACT
  • TEAM
  • TERMS & CONDITIONS
  • PRIVACY POLICY
© Gadgets Beat - All Rights Reserved.
  • NEWS
  • SMARTPHONES
  • GADGETS
  • HOW-TO / GUIDES
  • SOFTWARE & APPS
  • REVIEWS
  • EDITORIALS

© 2021 Gadgets Beat - All Rights Reserved.