Hackers target account credentials aggressively using fast-speed attacks on Microsoft accounts and Google two-factor authentication bypasses. Emails have become the number one tool of hackers for these “do not click” scams and threats with no phishing at all. Experts are warning users today against a couple of cleverly disguised malware including the VIP Keylogger and 0bj3ctivityStealer malware in an email. Considering Gmail and Outlook hold the record of largest emailing service, you have to remain extremely alert towards this silent danger. Let’s learn about this further.
How Hacking Threats Hide In Your Email?
Threats in the phishing category have been around for quite a long time; however, the most common way they rely upon is the traditional tactics such as clicking on the links and execution of attached files. According to the latest HP Wolf Security Threat Insights Report, it has recently surfaced a new, critical malware that hides in an image. There are two notable malware threats now being delivered by email.
Security researchers have found malware campaigns spreading the VIP Keylogger and 0bj3ctivityStealer, both of which employ the same initial exploit technique: embedding malicious code in images. The VIP Keylogger captures keystrokes and extracts credentials from a variety of sources, including applications and clipboard data. On the other hand, 0bj3ctivityStealer is programmed to steal information, targeting account credentials as well as credit card data.
With all these threats surrounding emails, one has to be very vigilant and take all precautions to ensure safety about their email and information.
Mitigating The Phishing Dangers Hiding In Your Email:
The Cyber Security Agency of Singapore has updated its list of recommended security apps, which aim to increase the protection against phishing and malware campaigns. Six security apps have been tested on both Android and iOS platforms, according to the updated list.
These four categories are malware detection, phishing detection, network detection, and device integrity checks, where the latter two are new additions in this review.
In the malware test, the selected apps were determined for their accuracy in identifying sample malware.
That includes the actual malware, rehashing, as well as masked ones. There is also access to selected phishing links by in-app and in-browser or provided URL checkers from the installed apps.
Network detection was based on simulating attacks to determine if the applications can detect the attacks and alert the users, while device integrity checks were based on detecting unauthorized rooting and jailbreaking changes. While CSA states that no application may potentially produce absolute cyber security, it encourages its subscribers to stay vigilant and offers good cyber hygiene, as well as anti-scam advice updates.
The six recommended security apps are expected to enhance the protection of mobile devices against widespread malware attacks and phishing scams.
