Sweden climate change activist Greta Thunberg shot to global limelight with her speech regarding environment degradation at the United Nations 2019 summit. This apparently inspired several children to take up the cause to fight big corporate companies for pollution and wake up respective governments to take measures to mitigate global warming. Sadly, cybercriminals are misusing Thunberg's name to prey on people to stealing financial credentials during Christmas.
Proofpoint Threat Insight team has come across a malicious email campaign by hackers are using Christmas greetings and Thunberg. In the screen-shot (below), we can see the deceptive email, which says great things about Thunberg and mentions she is the Time magazine's Person of the Year (2019) and she will be holding a big protest march against government's inaction with regard to global warming.
It then asks the victim to join the campaign but mentions the time and place details are in the attachment. This is where most people fall prey to the hackers, as the attachment, which has malicious malware dubbed as the Emotet.
What is Emotet?
It is a banking trojan, which has been active since 2014, but it has become more prevalent in recent years affecting both individuals and corporate users. It mostly affects Windows PCs and steals banking credentials. If you are not vigilant enough, you will be bankrupt before coming to the realisation of what hit you.
It has come to light that the hackers are sending malicious emails with Greta Thunberg subject line in multiple international languages including Spanish, Italian, Japanese, Polish, German, French and more.
All Windows PC users are warned not to open email attachments sent from unknown random people. If you receive one, make sure to mark it as spam and delete it right away.
"This campaign serves as a reminder that attackers won’t hesitate to target people’s best intentions during this holiday season. It also serves as a mark of how significant environmental awareness has become and how well-known Greta Thunberg is globally. Attackers choose their lures carefully: in many ways their lures are a reliable barometer of public interest and awareness," Sherrod Degrippo, Proofpoint said.
Here's How to safeguard your PC or mobile phone from adware and other malicious threats:
1) Whether you have an Android mobile or iOS-based iPhone or Windows-powered PCs or Mac computer, always stay updated with the latest software. All Google, Microsoft, and Apple send regularly send firmware — especially security patches monthly or on a priority basis, whenever they detect threats. So, make sure you install the latest software.
2) Another good practice is to install a premium Antivirus software, which offers 24x7 protection. They are equipped to detect threats quickly whenever you unknowingly visit a shady website
3) As said before never ever open emails or SMS and click URL links sent from unknown senders
4) Also, never install apps or software from unfamiliar publishers.
5) Always download apps from Google Play or Apple App Store or Windows Store only. Never install from any third-party app store.