A recent spear-phishing campaign has been spotted spreading a weaponised remote access tool (RAT). Remote access is a tool used for troubleshooting and tech support, its legitimate use allows a network admin to access a client’s PC remotely to allow them to fix problems. Attackers are using the ongoing coronavirus pandemic as a lure by laying the email out like a newsletter around Covid-19 and including malicious Excel documents to convince victims to interact with the email.
Researchers within Microsoft’s security intelligence team said this week that the ongoing campaign started on May 12 and has used several hundred unique malicious Excel attachments so far – a trend that researchers said they’ve seen steadily increase over the past month.
The excel document that is attached to the email opens with a security warning, if this is ignored and the file is downloaded, the payload is launched. This then runs the RAT and allows attackers to send commands to your PC remotely, a technique that can be used to steal sensitive files and credentials without you even knowing.
The coronavirus is being utilized as a scare tactic lure by attackers to convince victims to open malicious documents, click on suspicious links or hand over their credentials. You need to remain vigilant and always keep a close eye out to spot the telltale signs of these attacks.
Cyber Wise has an array of training courses designed to teach you how to spot malicious threats such as email phishing scams as well as some of the other most prevalent attacks you will face. Contact us (link this to contact page) today to find out how we can help you to improve your business resilience.