gmail users have been put on red alert and need to be very careful about what they click on in their inbox. Security experts have revealed that crooks spread dangerous attachments in emails which can lead to theft of crucial information like credit card details with just one click.
This is due to the dangerous Vidar malware which is hidden in attachments sent as part of a campaign targeting Gmail users.
Vidar is an information-stealing malware that can collect sensitive information such as credit card details, addresses, password stores, crypto wallet data and other things you don’t want hacker grabs hold.
This malware can be purchased ready-made for cyber criminals, who have found a sophisticated way to distribute the malware.
As Trustwave researchers discovered, a new email campaign is spreading Vidar by loading it into a compiled Microsoft HTML help file.
This is usually a harmless-to-open file that provides supporting documentation for a program you want to run.
But in the case of the latest scam that targets Gmail users, the malware itself is loaded on this help file and clicking on it will lead to your machine being compromised.
To trick unsuspecting Gmail users into opening this file, hackers rely on typical social engineering tactics.
In one example from the Vidar campaign, researchers spotted an email titled “Unread Coverage Request.”
It looked like the message was being sent as part of an ongoing conversation and it said, “Important information for you. See attachment to email.”
Attached to the email was a request.doc file, which when extracted revealed two files – an app.exe file as well as a pss10r.chm help file. The latter is the one on which the dangerous payload is secretly loaded.
In the example highlighted by Trustwave, the scammers didn’t put too much effort into crafting a compelling email that would get someone to click on a file sent from an unknown email address.
But that doesn’t mean that future scams won’t involve a little more thought, so you need to be very careful which emails you click on, especially those with attachments.
Speaking to ZDNet, Karl Sigler of Trustwave said, “As this Vidar campaign uses social engineering and phishing, ongoing security awareness training for your staff is essential.
“Organizations should also consider implementing a secure email gateway for ‘defense-in-depth’ layered security to filter out these types of phishing attacks before they even reach inboxes.”
To help you stay away from this threat or any other email scam, be careful about emails you receive from unknown email addresses.
If a message claims to be from a reputable company whose services you use, check to see if the sender’s email is in fact an official email address and, if in doubt, contact the company in question to confirm if the message is official correspondence.
Also beware of the telltale signs of a fraudulent message, including spelling and grammatical errors, asking you to enter sensitive user information on an unknown website, or urgent requests to provide payment information.
Comments are closed.