Email: Cases of online fraud have been coming to light in India before but now cyber criminals have adopted a new method. According to recent reports, hackers are targeting people through fake e-mails that look exactly like notices from the Income Tax Department of India. In these mails, pressure is created on the users to take immediate action by showing the fear of tax penalty or fine.
How does this phishing scam work?
Cyber ​​security experts have found that a ZIP file is attached to such fake e-mails. As soon as the user downloads it, a multi-stage infection starts in the system. The purpose of this entire attack is to install the banking trojan Blackmoon in the system with which a genuine but misused tool is also attached.
misuse of genuine software
An enterprise management tool called SyncFuture Terminal Security Management (TSM) is being misused in this attack. This software is generally designed for companies but cyber criminals are using it for espionage and data theft. According to researchers, through this the attackers gain control over the system for a long time and can continuously monitor the user’s activities.
How does the attack start?
According to the report, there are many hidden files inside the ZIP file, but the user can see only one file whose name is kept like a government document. As soon as it is opened, the malware becomes active and connects to the external server and downloads other dangerous files. All this runs like a legitimate Windows process so that no one gets suspicious.
Hackers gain complete control over the system
Once malware is installed, hackers can not only steal vital data but also gain complete control over the PC. This includes monitoring user activity in real-time, dodging security software, and remaining in the system for a long time. Experts say that the technologies used in this attack are quite advanced which shows the serious intentions of the hackers.
Also read:
WhatsApp users beware! If you don’t know these secret safety features, your account can also be hacked.
