Microsoft cybersecurity experts: It then delivers RevengeRAT or AsyncRAT for data theft, and payloads as Agent Tesla to exfliltrate it.
The arrival of the new EU General Data Protection Regulation (GDPR) has inspired the cybercrime to spread new scams
The arrival of the new EU General Data Protection Regulation (GDPR) has inspired the cybercrime to spread new scams. The GDPR it’s the lure for phishing emails. It has been denounced by the National Cyber Security Centre (NCSC) UK in it’s Weekly Threat Report. “Many internet users are now receiving emails from organisations that they have online dealings with, explaining the new regulations and asking them for permission to carry on storing their information.” – the document reported -. “Scammers have taken advantage of this to send fake GDPR-themed emails in an attempt to spread malware or steal personal data. Apple customers, for example, have been sent a link advising users that their accounts had been ‘limited’ due to unusual activity and then asking them to update their security information. Users are then directed to a fraudulent webpage where they are asked to input security information. Once this has been completed, users are then directed back to a legitimate Apple web page”.
GDPR has comed into effect on 25th May 2018, so the cyber criminals have litte time to use this lure for phishing emails
GDPR has comed into effect on 25th May 2018. And probably the next days will be the last in which our emails will be bombed by companies with requests of agree the new terms, trying to fine-tune the management of their contact databases. So the cybercrime has a short window in which to use the lure of the new EU Regulation as cover for phishing emails. And most likely the cyber criminals will exploit it as best as they can, sending millions of them worldwide. So beware of any GDPR subject mail and check it carefully before open and manage it.