Security researchers are warning of malicious email messages that impersonate an anonymous vote on the Black Lives Matter (BLM) movement.
The most common message, discovered by Zurich-based cybersecurity firm Abuse.ch, encourages recipients to "vote" on BLM issues using a Word document, which then infects the victim’s Windows PC with the TrickBot malware.
- Best antivirus: protect yourself from scams with online security
- VPN: add a layer of extra protection thanks to a virtual private network
- Black Lives Matter: Donations, shirts, resources and how to help
TrickBot is a widely distributed Trojan that steals personal information such as banking logins, online passwords, cookies and web histories. It can also be used to distribute ransomware across an infected network, and often appear to come from a trusted organisation.
Taking advantage of BLM
Bleeping Computer reports that the email identified by Abuse.ch masquerades itself as an email from “Country administration” about the Black Lives Matter movement, with its subject reading: Leave a review confidentially about Black Lives Matter.
Recipients are encouraged to vote anonymously and leave reviews about Black Lives Matter by filling out a form entitled "e-vote_form_3438.doc."
After downloading and opening the document, victims are prompted to click “Enable Editing” and “Enable Content” in order to access the content.
But the reality of clicking on these buttons is that a malicious dynamic-link library is then downloaded onto the victim’s computer. Unknowingly to users, their personal information can then be accessed and stolen by the Trickbot malware.
There are a number of things you can do to protect your devices from TrickBot Trojans, such as ensuring your OS is up-to-date, using the best antivirus software, and setting up multi-factor authentication and only opening emails from trusted sources.
- Read more: Safety and affordability combined with these cheap VPNs