The US Department of Homeland Security recently issued an alert (yep, it’s that serious) about Dridex malware, a devastating scam that has resulted in an estimated $10 million dollars worth of theft by way of stealing banking credentials.
As we mentioned in this post about phishing scams becoming smarter, Dridex has been able to employ a number of deceiving tactics that make their emails harder to identify. For example, their email addresses appear to be entirely legitimate to the naked eye (i.e. email@example.com, firstname.lastname@example.org), and contain attachment names to pique curiosity in the reader (invoice.doc, receipt.xl).
While this is certainly as serious as it sounds, you can easily protect yourself. First, keep all of your banking activities within the secure, official apps or websites they provide to you. Remember never to open any emails or attachments that look even slightly suspicious- and if you aren’t sure, just call or email your bank. If it doesn’t feel right, it probably isn’t right!