Cybersecurity Newsletter - Issue 19
Keeping an eye on cyber news and threats
Fake Microsoft Store, Spotify and document converter sites spreading malware
Cybersecurity firm ESET has discovered a malware campaign that uses adverts promoting what seems to be legitimate software, but instead redirect to fake sites and trick the user into downloading information-stealing malware.
One of the adverts is for a chess game that you can download from the Microsoft store, however, the website is fake and automatically downloads a zip file containing the virus. Another advert promotes Spotify and again redirects to a fake Spotify website with the same virus.
As you can see from the example above, the websites look convincing, but the URL in the address bar gives it away so always check that first to make sure you are on the legitimate site.
The virus itself is known as Ficker or FickerStealer and is an information-stealing trojan that was released on Russian hacker forums, which the creator rents out to other threat actors.
The virus can steal saved credentials from browsers and desktop messenger clients, steal cryptocurrency wallets and documents, and all get sent back to the threat actor in a zip file.
Facebook Messenger users being scammed by fake update advert
Facebook Messenger users around the world are being scammed by a fake ad in their Messenger app, promoting an update to the app. The goal of the fake advert is to steal user credentials.
To get around Facebook’s filters the scammers are using typos of Messenger, such as ‘Massenger’ or ‘Messanger’, so that at a quick glance it looks like the real thing.
The link in the ad redirects to a fake Facebook or Messenger login page which is used to steal the credentials.
Always watch out for typos or bad grammar and be cautious when following shortened links as they can often be used to hide the real address that may give away the scam.
This week’s top tip – Don’t keep passwords in unprotected documents on your PC
Many people use text files, Word documents or Excel spreadsheets to store their passwords, particularly at work when there may be many accounts and passwords to remember. If anyone were to gain access to the system or a person’s files, they could easily find any of these documents and have access to all of those credentials, which is why storing them unprotected is a bad idea.
I always recommend a Password Manager, but if you must use a document to keep track of your passwords, make sure that it can be password protected and encrypted. Word or Excel give you the option to encrypt with a password (see image right) but make sure you use a strong password and avoid using the word ‘passwords’ in the name of the file, as this can be easily found using a file search.
Never give anyone access to your personal password document, and as I mentioned before, please consider using a password manager; they are easy to set up and use and allow you to use multi-factor authentication to further secure your passwords from unwanted access.
That’s all for now, see you next week.