A powerful malware is spreading through phishing campaigns using a Microsoft Word attachment.
It’s called Smoke Loader, and, according to Bullguard, has several components:
- It can download browser plug-ins for Firefox, Internet Explorer, Chrome, Opera, QQ Browser browsers and Thunderbird and Outlook email clients
- These plug-ins steal stored credentials, such as passwords, and also sensitive information transferred over a browser
- The malware is injected into applications like TeamViewer, an application that allows users to remotely view others desktops
Although it’s been around for some years, it has become increasingly sophisticated.
Its creators have recently added anti-analysis techniques to make forensics difficult. As a result, it’s harder to trace the source of the servers. Plus new runtime AV scanners, tracing, and debugging features to confound researchers who try and find out more about it.
Keep your eyes peeled
The best way to guard against phishing campaigns, other than using good security software, is to be on your guard.
Phishing emails contain some form of bait message, such as an invoice, a parcel for collection or a PDF requiring downloading.
You can protect yourself by:
- Casting a healthily suspicious eye on an unexpected email promising something
- Questioning emails from apparently legitimate organisations with which you have had no dealing. Cybercrooks are good at mocking up emails that appear to be legitimate
- Looking out for spelling or syntax errors; these are often clues that the email is not what it claims to be
- Never revealing your personal information such as passwords, bank account numbers and card information even if the mail appears to be from your bank. If in doubt call your bank and speak to someone in the fraud department
MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.