Computer phishing attacks have increased since the pandemic began. The threat is so great that the FBI recently had to ring the alarm bells for the United States. As a reminder, malicious actors attempt to trick a person into believing that they are communicating with a trusted third party in order to extract their personal information.
A number of cyber criminals have chosen precisely this modus operandi. This phishing campaign discovered by Microsoft enables them to spread the Java-based trojan called STRAT. As noted by our colleagues at 20 Minutes, it is particularly harmful and enables information, including usernames and passwords, to be stolen by recording keystrokes.
Beware of fake invoice emails
Another special feature of this malware: its clearly unusual way of working. The latter actually behaves like ransomware. After installation, it appends the “.crimson” extension to all files on the computer. And while users try to fix the supposed ransomware, the trojan can then be deployed remotely.
Note that the attack itself is very classic. The target person receives an email that appears as an invoice to be paid. Click an attachment in PDF format to view it. Opening this document then activates the installation of the Trojan.
Of course, for the best protection against this threat, you shouldn’t click on the attachments of emails that you think are questionable. So while vigilance is required, the use of an effective antivirus solution is also recommended for optimal protection. On this subject, we have made a very complete guide that lists the best deals on the market. Enough to make the right choice and avoid unpleasant surprises in the future.
Bitdefender Plus Antivirus