Cybercriminals have impersonated the Office 365 service. They encourage browser updates by “tapping” users with a Trojan that steals passwords on accounts on the computer. The attack is targeted at Windows users.
The latest attack on Office 365 users is very simple. At the same time it’s quite effective. Cybercriminals have created a website that illusively resembles a popular Microsoft website , reports MalwareHunterTeam.
Fraudsters focused on every possible detail of the site. The site has been mapped so accurately that even the links on it lead to the official sites of Microsoft. Works on the most popular web browsers – Google Chrome and Mozilla Firefox.
The fake website detects what browser the user is using and encourages them to update it. Cyber criminals inform in a pop-up window that without downloading the upgrade, the Office page may not work properly. This may tempt the unconscious users to click the “update” button (upgrade).
Clicking instead of downloading, the patch will install the TrickBot Trojan, which scans the computer for saved passwords to online accounts. If it finds one, it sends them to the servers of criminals. By the way, it also shares with the scammers the history of the browser and automatically filled up data. (eg logins, e-mail addresses) that can help criminals break into victims’ accounts.
The malware quite well masks itself in Windows , so it will be hard to detect its presence by itself. However, the majority of antiviruses should be able to find the threat . However, we can never be 100% sure. For security, it is worth checking twice the address of the website we use.