Black Lives Matter scam steals passwords and personal data — what to do
Malicious emails infect victim's computer with information-stealing malware
Security researchers are warning of malicious email messages that impersonate an anonymous vote on the Black Lives Matter (BLM) movement.
The most common message, discovered by Zurich-based cybersecurity firm Abuse.ch, encourages recipients to "vote" on BLM issues using a Word document, which then infects the victim’s Windows PC with the TrickBot malware.
- Best antivirus: protect yourself from scams with online security
- VPN: add a layer of extra protection thanks to a virtual private network
- Black Lives Matter: Donations, shirts, resources and how to help
TrickBot is a widely distributed Trojan that steals personal information such as banking logins, online passwords, cookies and web histories. It can also be used to distribute ransomware across an infected network, and often appear to come from a trusted organisation.
Taking advantage of BLM
Bleeping Computer reports that the email identified by Abuse.ch masquerades itself as an email from “Country administration” about the Black Lives Matter movement, with its subject reading: Leave a review confidentially about Black Lives Matter.
Recipients are encouraged to vote anonymously and leave reviews about Black Lives Matter by filling out a form entitled "e-vote_form_3438.doc."
After downloading and opening the document, victims are prompted to click “Enable Editing” and “Enable Content” in order to access the content.
But the reality of clicking on these buttons is that a malicious dynamic-link library is then downloaded onto the victim’s computer. Unknowingly to users, their personal information can then be accessed and stolen by the Trickbot malware.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
There are a number of things you can do to protect your devices from TrickBot Trojans, such as ensuring your OS is up-to-date, using the best antivirus software, and setting up multi-factor authentication and only opening emails from trusted sources.
- Read more: Safety and affordability combined with these cheap VPNs
Nicholas Fearn is a freelance technology journalist and copywriter from the Welsh valleys. His work has appeared in publications such as the FT, the Independent, the Daily Telegraph, The Next Web, T3, Android Central, Computer Weekly, and many others. He also happens to be a diehard Mariah Carey fan!