Since the beginning of June 2015, France is facing a massive campaign to spread malicious software (malware) through unsolicited email (spam). This software known as “Dridex” is designed to infect computer workstations using the Microsoft Windows operating system (any version from Windows XP to Windows 8.1). Currently, 28,000 posts are infected in France.
A deceptive mail as invoice
The purpose of this software is to take control of the machine to villainous purposes. Indeed, after being infected, compromise computer station will serve both at the collection of personal data (account numbers, logins and password, credit card number, browsing history, etc.) and to the achievement of fraud (money transfer, connection to websites, message sending, proxy relays, etc.) and that, unbeknownst to the legitimate owner of the machine. The victim, individual or company, is the recipient of an email message that contains an attachment, usually a document in Microsoft Word / Excel format, or in some cases, Portable Format Document File (.pdf). This attachment is often entitled “Invoice” or “invoice” and the message subject is often related to a payment or an invoice.
All your codes and data collected
Opening this attachment leads when activating macros is authorized, downloading a malicious program that allows remote takeover of the machine. Thereafter, when the victim connects to the site of his bank online, malware, will recover all relevant information (username, password, full name, phone number, account number, credit card number, account balance, etc.). Armed with all this information, the scammer will then make money transfers from the account of victim to that of a third person who may be in France, but more generally abroad.
How to prevent Didrex
– & gt; Observe great vis-à-vis vigilance email and have a critical mind about the origin of the messages that reach you
– Delete any suspicious-looking emails (spam) received in the box mail, especially if they contain attachments
– Do not open especially attached documents contained in spam. just delete the
-. If you have any suspicions about an email claiming to be from legitimate organizations (banks, administrations, sales sites, etc …), it is better before, check with of the organizations in question the veracity of sending the message and the authenticity of the attachment
-. Install anti-malware solution that also protects against spam. First, it should at least reduce or at best eliminate the risk of accidentally opening one of these spam and malicious attachments
– Disable the executable macros automatically in Microsoft Word and Excel
– If there is suspicion of infection, immediately change the access password to the online bank account to do this quickly please contact your bank and alert of a potential risk of fraud. DRIDEX being able to steal other types of connection identifiers, it is strongly recommended for all other access to online services, change “logins and passwords.” CAUTION: do this using another means of connecting the computer suspected of infection
– Perform the same extent on all other internet service accounts you are holding (internet service provider, online sales, social networks, etc …). Dridex also flies this type of information
– Monitor the activity of your bank accounts and verify the legitimacy of your transactions
.
No comments:
Post a Comment