Spam, spam and more spam. It’s a real problem for tech departments everywhere and the problem just got bigger and will continue to get bigger, as long as IT professionals neglect to educate users on their network, on the importance of not opening emails that they do not recognise. It Is also of utmost importance that IT departments stay up to date with the latest Cyber Security threats and how to deal with these threats.
Onliner, a recently uncovered spambot had a list of over 711 million email addresses, making it the single largest source of compromised accounts in the history of “Have I Been Pwned”, a site that tracks such statistics. I recommend that you head over there right now to see if your email address has not been compromised. If your email address is flagged as compromised it is advised that you change your email password immediately.
This is a very serious discovery in the world of cyber security as it shows the intensity of the fight the Cyber Security professional have on their hands.
How this spambot works is it spreads the bank credential stealing Ursnif malware, and any unsuspecting user can have their banking information stolen without their knowledge, by merely opening an email, without clicking on the links in the email.
When you open this email you are unknowingly downloading a one-pixel image with the message, which pings the host server with your IP address, system information, and other data that Onliner uses to determine if you are a good target for Ursnif.
Ursnif not only steals your banking credentials but allows further malware to be downloaded on the infected computer.
Spambots can also be used for web scanning, social engineering and phishing attacks.
If you haven’t already I suggest you head over to Have I been Pwned to see if your email address has been compromised.
You can also scan your machine for malware by downloading Malware Bytes.
For a full network security audit you can contact Call IT Services at firstname.lastname@example.org .
Stay Safe Online!