In the latest development, banking malware seems to be the order of the day.
Malicious files posing as CVs to trick victims into exposing their banking details have been discovered by Cybersecurity researchers.
The malicious Microsoft Excel files which are attached and sent via email with subject lines like “RE: regarding a job or “RE: Applying for a job” are being used to deceive unsuspecting target into opening such files. Once opened, the Zloader malware automatically installs on the victim’s computer.
Researchers from Check Point say that “It is a malicious banking malware designed to siphon financial information and other vital data from customers of financial institutions. It was built with the ability to steal web browser’s stored cookies and passwords found on a victim’s computer in other to carry out fraudulent transactions with the victim’s banking details.”
The security research firm also discovered a sharp increase in malicious usage of medical leave forms which has been circulating online to carry out similar actions like the malicious CVs files. Document names like “COVID -19 FLMA Center.doc” are used to spread the infections via IcedID banking malware targeting credit/debit card providers, mobile service companies, online retail stores, and banks.
The cybercriminals aim to deceive unsuspecting users with fake medical pages using subject lines like “The new Employee Request Form for leave within the Family and Medical Leave Act (FMLA)” to capture users' sensitive details having been tricked into opening such forms.
More About The CV Banking Malware
Check Point researchers opined that they have recorded an increase in CV-themed scams within the United States in the last two months with the number of malicious files in CVs haven doubled.
For every 450 malicious files identified, 1 out of them is related to a CV file as hackers try to exploit the increase in unemployment and various palliative measures introduced by the government to cushion the negative financial effect arising from the pandemic.
Check Point’s Data Intelligence Manager, Omer Dembinsky concluded by saying that the rise in the unemployment figures has also given rise to cybercriminals who will keep using CVs to maliciously access vital information, notably details related to banking and finances. “I strongly advise the public to be security conscient by not clicking on any CV attached link to avoid being a victim of financial cyber-attack.