Top 3 Scams – March 1, 2019


1. Tech Support Scans

The attack usually goes like this: while you’re browsing online, you receive a fake Windows Alert pop-up message claiming “Your PC might be infected” and telling you to “click OK to do a quick 10-second scan.”

When you click OK, a very realistic-looking, but very fake, “system scan” runs within your browser. The scan looks almost identical to your antivirus software’s real system scans.

Once the “scan” ends, you’re told that your PC is indeed infected and that you need to download and install an update to the antivirus software. Don’t do it! This “update” is actually an unwanted application that will install onto your computer.

Never trust internet pop-ups. They often use scare tactics to get you to call a number for tech support or download an application to “fix” the problem.

Go to your IT administrator (if at work) or a reputable computer repair company (if at home) if you think something is wrong with your computer.

2. Dangerous Office Attachments Bypassing Email Security

As always, be suspicious of email attachments because attackers are finding new ways to get around email security filters. The latest attack includes Microsoft Office attachments containing hyperlinks to dangerous websites.

If you unknowingly download one of these attachments and click on a link from within the document, you will be brought to a malicious website that steals your sensitive information. This particular attack is usually carried out with Microsoft Word attachments, but dangerous links are certainly not limited to files with .docx file extensions. This attack could occur with almost any file type.
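For an IT administrator who needs to check a suspicious attachment without opening it in Office, the following added example (not part of the original brief) reads the file as a ZIP package and lists every external URL it contains. It goes beyond .docx to any Word, Excel or PowerPoint file in the same package format; the sample document, its example.test URLs and the ignore-list of schema hosts are constructed assumptions.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

REL_TAG = "{http://schemas.openxmlformats.org/package/2006/relationships}Relationship"
URL_RE = re.compile(rb"https?://[^\s\"'<>]+", re.IGNORECASE)
# Hosts seen only as XML namespace identifiers (assumed ignore-list, extend as needed).
SCHEMA_HOSTS = (b"schemas.openxmlformats.org", b"schemas.microsoft.com", b"www.w3.org", b"purl.org")


def extract_links(data: bytes) -> dict:
    """Map each external URL in an OOXML package to the parts that hold it."""
    found = {}
    with zipfile.ZipFile(io.BytesIO(data)) as pkg:
        for name in pkg.namelist():
            if not name.endswith((".rels", ".xml")):
                continue
            raw = pkg.read(name)
            if name.endswith(".rels") and b"<!DOCTYPE" not in raw:
                # Hyperlinks are External relationships; a part declaring a DTD is not parsed.
                for rel in ET.fromstring(raw).iter(REL_TAG):
                    if rel.get("TargetMode") == "External":
                        found.setdefault(rel.get("Target", ""), set()).add(name)
            # Also catch URLs written straight into a part, such as visible text.
            for hit in URL_RE.findall(raw):
                if hit.split(b"/")[2].lower() not in SCHEMA_HOSTS:
                    found.setdefault(hit.decode("utf-8", "replace"), set()).add(name)
    return {url: sorted(parts) for url, parts in found.items()}


def build_sample() -> bytes:
    """Constructed .docx-style package: one hyperlink relationship, one URL in text."""
    rels = ('<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
            '<Relationship Id="rId1" TargetMode="External" Target="https://login.example.test/verify" '
            'Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/hyperlink"/>'
            '</Relationships>')
    body = ('<w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">'
            '<w:body><w:p><w:r><w:t>Visit http://files.example.test/invoice now</w:t></w:r></w:p></w:body></w:document>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/_rels/document.xml.rels", rels)
        z.writestr("word/document.xml", body)
    return buf.getvalue()


if __name__ == "__main__":
    for url, parts in sorted(extract_links(build_sample()).items()):
        print(url, "<-", ", ".join(parts))
```

The listed URLs can then be checked against your web filter or reputation service before anyone clicks them.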

Remember the following to prevent this type of attack from happening to you:

3. Bogus Job Offers

This one is tricky. A series of phishing campaigns is targeting companies in various industries with phony job offers using direct messages on LinkedIn, according to researchers at Proofpoint.

The attacker initially makes contact by sending an invitation to the target on LinkedIn with a short message regarding a job opportunity.

Within a week after the target accepts the invitation, the attacker will send a follow-up email with either a link or a PDF attachment that contains embedded URLs.

These links take the target to a spoofed version of a real staffing service, which forces the download of either a Word document or a JScript loader. This document or loader will result in the installation of a JScript backdoor known as “More_eggs,” which can then install malware or be used to gather information from the machine.

You expect strangers to reach out to you about jobs on LinkedIn, so you’ve got to be incredibly vigilant to avoid this.
