Malware attacks are on the rise, but thankfully, so is the vigilance of individuals and IT MSPs.
What is TrickBot?
“TrickBot is a modular banking trojan that targets user financial information and acts as a dropper for other malware”, said the report. It is using man-in-the-browser attacks to steal the log-in credentials for finance-related sessions.
How it’s working
It makes sure it is not running in a “sandbox environment” and then attempts to disable your antivirus programs.
Once it has established itself on a device,
Redirection attacks send victims to fraudulent banking site replicas when they navigate to certain banking websites. This fake website is hosted on the cyber threat actor’s (CTA) malicious server and harvests the victim’s login information.
A server-side injection intercepts the response from a bank’s server, injects additional client-side code into the webpage, and can steal the victim’s banking credentials through form grabbing. Form grabbing records sensitive information typed into HTML forms, rather than capturing all keystrokes as with a keylogger.
What you should do
Familiarize yourself and your staff with common phishing tactics. Education is the ultimate end-user security practice. This is a necessity for network security.
For ITonDemand clients, spam filtering and endpoint malware security are in place to secure you from the majority of cyber attacks.
For more information on phishing, download our infographic below.
- If you think you have been infected, take the device offline as soon as possible. This protects you from any further data loss or further system/network corruption.
- Change all passwords from the infected device from a secure device.
- Contact the ITonDemand HelpDesk to see what further damage mitigation needs to be done.
For the full white paper issued by CIS, click here.
Download our infographic and learn how to identify a phishing scam when you see one.
Other Articles You Might Be Interested In:
Windows 7 End-of-life In case you are unaware -- Windows 7 is coming to an end. Microsoft has planned for this for a long time. However, most users have not it seems. According to web analytics vendor, Net Applications, Windows 7 actually saw its user share increase...read more
How to identify if an email is a phishing attack 91% of all cyber attacks are delivered through an email. A company of 5,000 employees will receive an estimated 14,400 malicious emails per year. It’s not abnormal to receive phishing emails. It’s only dangerous if you...read more
ITonDemand was created over a decade ago to help support businesses and organizations IT services. We kept hearing from businesses, like yours, that they just wanted their IT to work. And that is what we do. We make your IT work for you.