Black Lives Matter Scams Steal Passwords and Personal Data — What to Do

Black Lives Matter Scams Steal Passwords and Personal Data — What to Do

Security researchers are warning about malicious e-mail messages purporting to be anonymous polls about the "Black Lives Matter" (BLM) movement.

The most common message, discovered by Zurich-based cybersecurity firm Abuse.ch, urges recipients to "vote" on BLM issues using a Word document and infects the victim's Windows PC with TrickBot malware.

TrickBot is a widely distributed Trojan horse that steals personal information such as bank logins, online passwords, cookies, and web history. It can also be used to distribute ransomware throughout an infected network, often appearing to come from a trusted organization.

According to Bleeping Computer, the email identified by Abuse.ch purports to be an email from the "country administration" regarding the "Black Lives Matter" movement with the subject line: Black Lives Matter Please leave a confidential review about.

Recipients are encouraged to vote anonymously and leave a review about Black Lives Matter by filling out a form entitled "e-vote_form_3438.doc."

After downloading and opening the document, victims are prompted to click "enable editing" and "enable content" to access the content.

However, the reality is that clicking these buttons downloads a malicious dynamic link library onto the victim's computer. Then, unbeknownst to the user, their personal information is accessed and stolen by the Trickbot malware.

There are many things that can be done to protect devices from the TrickBot Trojan, including keeping the OS up-to-date, using the best anti-virus software, setting up multi-factor authentication, and only opening emails from trusted sources.

Categories