Will Ryuk go away any time soon?

One of the biggest threats is Ryuk, which is a strain of malware. Now it is being attached to attacks on the health care system … should we be surprised?

Emotet is a deployment mechanism that has been used as part of many lures that attackers can use now.

I’m almost tempted to tell people not to send me attachments, but instead, to use my send space drop box facility. If actors want to upload files up there, it isn’t coming to me directly, and I get emailed every time I receive a file. I can go up there, and if I think it’s a threat, I can delete it without it ever touching my system. You don’t know how these things are coming, but one way it could is via an attachment you have to run.

In this case, a paragraph from the article says:

The email lures often masquerade as corporate communications and link to a compromised site hosting Emotet. Many of the emails include recipient specific information such as name of employer name in the subject line or email body.

If this were a file attachment instead, they can sure drop it in my dropbox, where I can investigate it and decide if it’s something I want. I’ve already made the decision that I’m not opening links I am not expecting, and I’m getting out of the business of clicking to click because I’m curious. It’s going to become dangerous now, and we should learn.

The article lists many of the subject lines used; they are at the bottom of the PhishLabs article entitled Ryuk Ransomware Targeting Healthcare for you to peruse.

Most email from businesses will put your name in the body, not in the subject, especially your full name. Some may have your first name as part of the subject line for deals and things to buy, but it’s from merchants you’ve bought from before.
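The rule of thumb above (a full name or employer name in the subject line is unusual, and a first name there is normal only from merchants you already buy from) can be written as a simple mail check. This is an added example, not taken from the PhishLabs article; the sample messages, names, domains and the `known_senders` list are all constructed assumptions.

```python
import email
from email import policy
from email.utils import parseaddr

# Constructed sample messages (not real mail); every name and domain is made up.
SAMPLES = {
    # Subject is MIME-encoded, as lures often are, to show it is decoded first.
    "lure": "From: HR <hr@payroll-example.net>\nTo: jane.doe@example.org\n"
            "Subject: =?utf-8?q?Jane_Doe_-_Example_Health_annual_bonus_report?=\n"
            "\nPlease review the linked document.\n",
    "merchant": "From: Shop <deals@shop.example>\nTo: jane.doe@example.org\n"
                "Subject: Jane, 20% off this weekend\n\nHi Jane Doe, ...\n",
    "plain": "From: Bob <bob@example.com>\nTo: jane.doe@example.org\n"
             "Subject: Meeting notes\n\nHi Jane Doe, notes attached.\n",
}

def subject_flags(raw, full_name, employer, known_senders=()):
    """Return the reasons a subject line looks like a recipient-specific lure."""
    msg = email.message_from_string(raw, policy=policy.default)
    # policy.default decodes RFC 2047 encoded words; normalise case and spacing.
    subject = " ".join(str(msg["Subject"] or "").lower().split())
    sender = parseaddr(str(msg["From"] or ""))[1].lower()
    domain = sender.rpartition("@")[2]
    reasons = []
    if full_name.lower() in subject:
        reasons.append("full name in subject")
    if employer.lower() in subject:
        reasons.append("employer in subject")
    # A first name alone is only suspicious when the sender is not a merchant
    # the recipient already deals with (known_senders is a hypothetical list).
    first = full_name.split()[0].lower()
    words = subject.replace(",", " ").split()
    if not reasons and first in words and domain not in known_senders:
        reasons.append("first name in subject from unknown sender")
    return reasons

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, subject_flags(raw, "Jane Doe", "Example Health",
                                   known_senders=("shop.example",)))
```

A flagged message is a candidate for closer inspection, not proof of a lure; the body and any links still need checking.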

Have you seen anything like this before? How did you deal with it?

