CUSO-News---Payments-Report

close

Categories

More Tags

Subscribe to Email Updates

Popular Stories

Pay-by-Bank: Anticipating the Next Wave of Innovations
Understanding Enumeration Attacks and How to Prevent Them
Travel Disruption Just Became Easier with Visa's Digital Card Replacement
What It Means to Have a World Class NPS
Combatting AI-Powered Fraud wtih AI-Powered Fraud Prevention
Written by Cyndie Martini
on December 01, 2020

In another sign that hackers are exploiting the pandemic, Area 1, a security firm, recently released a report about a phishing email scam by the hacker group called Trickbot. Trickbot is also the same name the group has given its malware software. The latest Trickbot scam gets into companies by sending an email to employees, notifying them that they have been terminated. The email tells employees to click a link in the email for further details, and if the link doesn't work, click another link in the email.

Trickbot got its start as a Banking trojan malware but has evolved to target other industries. Trickbot is also a botnet. A botnet is a network of all the devices infected by the malware software (i.e., Trickbot). These infections may have taken place over several years. Once infected, hackers can steal information from the machine and use its computing power without the user ever knowing.

Microsoft orchestrated a takedown of Trickbot in October of this year. However, these groups often remobilize and rebuild their botnet networks, making them even more clever the next time around.

Credit unions can protect themselves against malware such as Trickbot by simply following best security practices and ensuring those practices are distributed to their employees. Credit unions should also keep employees informed about recent scams and what specifically to look out for. Keeping the company's software infrastructure consistently updated is always a good move. The latest software updates will often have patches to help avoid the latest security exploits.

Anyone who knows not to click links in suspicious emails or those from people they don't know has nothing to worry about. While the Trickbot email does try to look official, disguising itself as someone from human resources, wary users can still spot these emails by their language and company-specific terms. If nothing else, employees should confirm with their employer if the email is real.

Let Us Know What You Thought about this Post.

Put your Comment Below.

You may also like:

Cybersecurity

NCUA Provides a Tool for Credit Unions to Evaluate their Security

It looks like Russian hackers are back at it. Due to this threat, NCUA and several federal agencies have issued cybersec...

Cybersecurity

Even Bank-Grade Security Doesn't Prevent Hacks

Morgan Stanley is the latest victim of a supply chain hack. Given the high levels of security and encryption that banks ...

Cybersecurity

Cybersecurity Is Biggest Concern For Banks In 2021

When CSI polled banks about their most significant concern for 2021, the answer was cybersecurity at 34%, by far the lar...