Scammers are using Black Lives Matter as Phishbait

A phishing campaign is using Black Lives Matter-themed lures to trick people into installing malware, Yahoo reports. Adam Levin from Cyberscout told Yahoo that the phishing emails contain the subject line, “Vote anonymous about ‘Black Lives Matter.’” The email body states, “Leave a review confidentially about ‘Black Lives Matter.’ Claim in attached file.”

The attached file is a Microsoft Word document titled, “e-vote_form_3438.” If the user opens this document, they’ll see a slide telling them to click “Enable Editing” and then “Enable Content” in order to view the content. If these buttons are clicked, the document will be allowed to run a macro that will trigger the malware’s installation process. This is an extremely common tactic, but many people still fall for it.

Levin says the final payload in this campaign is TrickBot. TrickBot is a notorious and versatile commodity banking Trojan that’s used by both criminals and some nation-state actors due to its effectiveness. In addition to stealing passwords and financial information, TrickBot can spread to other computers and download additional malware such as ransomware.

Yahoo notes that since cybercrime is such a profitable industry, these attacks won’t be slowing down anytime soon.

“This particular TrickBot scam may be new, but malware scams are always rampant on the internet,” Yahoo says. “The statistics are staggering: by 2020, the global cost of malware attacks is expected to hit $6 trillion—yes, trillion—according to the cyber experts at Cybersecurity Ventures.”

Attackers always try to exploit hot-button issues and current events to trick people into making poor security decisions. As the US gets closer to its election in November, we can expect to see more scammers trying to take advantage of issues that people feel strongly about. New-school security awareness training can help your employees take a step back and think about what they’re doing, rather than impulsively clicking on a link or downloading a document.


Global Ransomware Attacks Increase by 715 Percent as Cybercriminals Capitalize on the Pandemic Opportunity

The massive rise in frequency is a signal that cybercriminals are not only finding their ransomware campaigns successful, but are also seeing increases in ransom amounts.

The goal of any business is to build a product where you make a very healthy profit margin. Once you have that, you take it to market and continue to increase the reach of your sales efforts to see both revenue and profits increase annually.

This is exactly the same mentality cybercriminal enterprises have when it comes to ransomware – if it works, send it out to more people. If they’re willing to pay $1000, see if they will pay $5000, $10,000, and more. Recent data has shown that ransomware creators are doing both.

According to Bitdefender’s Mid-Year Threat Landscape Report 2020, the first half of 2020 saw a 7x jump in the frequency of ransomware attacks when compared to the same time in 2019. The report shows that attacks were relatively evenly distributed across the first six months of this year.

We’ve also seen ransoms jump by an average of 60 percent this year, signaling that cybercriminals are keenly aware of what the havoc they’ve wreaked is worth to an infected organization.

According to the Bitdefender report, both the pandemic and the shift to working from home play a significant role in the success rate of attacks, as users have their defenses down and have been overwhelmed by the unprecedented change in the way we all work and live. Half of remote employees simply aren’t prepared for the organization’s dependence upon them to be vigilant against cyberattacks, including ransomware. New-school security awareness training provides an effective means not only to educate users on how the bad guys go about phishing and social engineering attacks, but also to show users how they can become and remain vigilant while doing their job, thus lowering the threat surface for ransomware attacks.

With such a massive increase in the number of ransomware attacks, organizations should assume that ransomware is only going to become more prevalent, pervasive, and profitable for the bad guys.