More Tags

Subscribe to Email Updates

Popular Stories

The Quick On Visa’s 8-Digit Bin Migration
Crypto-as-a-Service (CaaS)
Biometric Authentication Adoption by Credit Unions
2022 Credit Card Trends
3 Payments Trends For 2022
Written by Cyndie Martini
on December 01, 2020

In another sign that hackers are exploiting the pandemic, Area 1, a security firm, recently released a report about a phishing email scam by the hacker group called Trickbot. Trickbot is also the same name the group has given its malware software. The latest Trickbot scam gets into companies by sending an email to employees, notifying them that they have been terminated. The email tells employees to click a link in the email for further details, and if the link doesn't work, click another link in the email.

Trickbot got its start as a Banking trojan malware but has evolved to target other industries. Trickbot is also a botnet. A botnet is a network of all the devices infected by the malware software (i.e., Trickbot). These infections may have taken place over several years. Once infected, hackers can steal information from the machine and use its computing power without the user ever knowing.

Microsoft orchestrated a takedown of Trickbot in October of this year. However, these groups often remobilize and rebuild their botnet networks, making them even more clever the next time around.

Credit unions can protect themselves against malware such as Trickbot by simply following best security practices and ensuring those practices are distributed to their employees. Credit unions should also keep employees informed about recent scams and what specifically to look out for. Keeping the company's software infrastructure consistently updated is always a good move. The latest software updates will often have patches to help avoid the latest security exploits.

Anyone who knows not to click links in suspicious emails or those from people they don't know has nothing to worry about. While the Trickbot email does try to look official, disguising itself as someone from human resources, wary users can still spot these emails by their language and company-specific terms. If nothing else, employees should confirm with their employer if the email is real.

Let Us Know What You Thought about this Post.

Put your Comment Below.

You may also like:


NCUA Provides a Tool for Credit Unions to Evaluate their Security

It looks like Russian hackers are back at it. Due to this threat, NCUA and several federal agencies have issued cybersec...


Even Bank-Grade Security Doesn't Prevent Hacks

Morgan Stanley is the latest victim of a supply chain hack. Given the high levels of security and encryption that banks ...


Cybersecurity Is Biggest Concern For Banks In 2021

When CSI polled banks about their most significant concern for 2021, the answer was cybersecurity at 34%, by far the lar...