Posted on December 21, 2019 at 4:40 PM
Cybersecurity researchers at Proofpoint have alerted the online community of a malicious attack that uses the name of Greta Thunberg.
The researchers cautioned that the malicious attack is sending their victims’ fake emails with the name of the environmental campaigner, Greta Thunberg, as the sender.
The cyber attackers carry out the threat via attachment in Microsoft Word, with the title, “Support Greta Thunber.Doc.” If you’ve seen such attachment in your mailbox, you should not open it, because it’s probably a malware.
The malicious campaign spreads a banking Trojan
The attackers fronting this type of malicious mail target the computer hardware of its victims and infect them with a banking trojan known as Emotet. The Trojan is well known for attacking Windows systems. Its main activity is to get hold of financial data and plant more malware on the victim’s computer.
The United States government has explained that Emotet is a very dangerous malware. It has been a bane in the computer world. According to the government, the malware has become one of the most dangerous and most destructive malware, affecting all sectors of the government. It affects both private and public institutions, as it can cripple a computer system completely, losing all the vital information stored within.
Proofpoint had advised users on Emolet in the past. The researchers pointed out that the Trojan is the leading banking trojan. They stated that it constitutes the most dangerous risks to victims whose computers are infected with Trojan.
Proofpoint reiterated that Emolet posses a great threat, and many people should be careful about the email content they open.
The past few weeks have seen unprecedented incidents in the use of malware to infect computers.
This is coming as no surprise because it’s the holiday season, according to Proofpoint. Hackers are more serious about getting hold of sensitive information for their selfish benefits.
The holiday period is also a period where decent news flies very well. It’s a nice time for hackers to use unscrupulous means to deceive unsuspecting victims. With the recent happenings on climate change and the influence of Thunberg in that area, it’s not a surprise his name is used.
Fraudulent email uses a campaign with worldwide appeal
The fraudulent email urges recipients to demonstrate their Christmas rather than shop during the Christmas Eve. The message also lures those who wouldn’t want to support just to open the email to find out the details about the time and venue. This is how the hackers get their victims to invite the Trojan into their computers.
Due to the worldwide coverage of Thunberg’s climate cause, the fake campaign is global. According to Proofpoint, the emails have circulated intensively. The researchers have seen similar emails in multiple languages targeting different users in the world. There have been emails of this Trojan in the U.S. and more than a dozen countries in Asia and Europe.
Trojan attacks educational domains more
Proofpoint also stated that the Trojan seems to attack students and educational portals more than other sectors. According to the researchers, there are more .edu domains targeted than other types of domains. That is not a coincidence considering the strong support base Thunberg has among young people and students.
And another reason is the fact that most students will be at home because of the holidays. Some of them may use the family computers, and they would not be very conscious of the security threat posed by opening such emails.
So, it seems the hackers selected the right time and are targeting those who are more likely to fall into their bait.
Proofpoint says that this type of attack is not completely unexpected, because malware campaigns usually draw the interest of the public over an important social event or topic. They usually rely on the users’ areas of interest to deceive unsuspecting victims. Thunberg has such a worldwide interest and appeal, so many could open the email thinking they are supporting a great cause.
According to Proofpoint, this malicious campaign should remind people that attackers would not think twice before using people’s best intentions against them in this holiday season. They warned that computer users should be more careful during this season not to fall victim to the attackers’ antics.