A new cyber threat is putting the security of Italian users at risk. It arrives via email with malicious attachments. Here is how to defend yourself.
CERT-PA, the Computer Emergency Response Team of the Public Administration, has detected several attempted cyber attacks carried out through an email phishing campaign that has affected many companies and SMEs in our country.
In the case detected by CERT-PA, the attack, carried out by a still unknown group of cyber criminals, uses a fake communication from the shipping company DHL. It works much like classic phishing campaigns: the victim receives a fake message from DHL inviting them to download a document attached to the email in order to receive information about "an important communication", as the attackers describe it in the scam email. Of course, if the victim opens the attachment, they do not receive any confidential communication; they simply start the installation of the malware.
How the phishing attempt of the fake DHL message works
As often happens with malicious attachments sent by cyber criminals, the tool used in this case is a Word file. Once the user has downloaded it, the document asks the victim to enable macros. This request should always raise the alarm: in most cases it is a step the attackers need in order to take control of our device. Once macros are enabled in Word, the malware can install itself on our computer and start acting in the background.
At the moment, it is not yet clear whether this new threat is banking malware. Initial investigations seem to confirm this hypothesis, but further checks are needed to confirm it. One reason for the doubt is that the main purpose of the malicious code appears to be stealing data from cryptocurrency wallets and from various programs such as Skype, Firefox, Steam, Edge and Telegram, as well as from the affected system itself, including the username, machine name or IP address.
How to defend yourself from this new cyber threat
Defending yourself from this new cyber attack is not complicated. There is one rule, and only one: never download suspicious email attachments. If we have doubts about a DHL shipment and the malicious email could mislead us, then before downloading the attached documents we should phone our courier to find out whether the communication is genuinely addressed to us. Finally, if we run a company, we should train our employees so that they do not open the malicious file and infect our systems.