Cyber attackers are stealing online banking users' personal information, account credentials and money through a sophisticated phishing campaign using malicious code called Dridex.
What is Dridex?
Dridex employs a tactic in which malicious code is imbedded in Microsoft Word documents. To launch an attack, hackers send a high-volume of believable scam emails with a malicious document attached, often impersonating the email domains of trusted companies such as financial institutions. The attachments appear to be harmless account-related documents, such as statements or invoices, to the unsuspecting recipient. After the attachment is opened, Dridex malware monitors for activity related to online banking and steals personal data.
How do you protect yourself from Dridex?
Keeping your anti-virus software up-to-date and security patches current will help defend you against Dridex and other cyber threats. Also, data-breach-detection software with "sandboxing" capabilities can help mitigate this specific type of malware. Sandboxing is when emails are placed in a protected environment so the recipient can safely open them and any attachments to observe the end-goal of the campaign without the risk of infecting the computer or network.
To learn more about UHCU’s fraud prevention practices and tips, click here