When Black Lives Matter…Speculative Phishing strikes again

The European Parliament votes on a ‘Black Lives Matter’ resolution that condemns all forms of racism, hatred and violence…but cyber criminals exploit the virality of the phenomenon to satisfy their criminal intents.

Speculative phishing is nothing new: the latest massive phishing campaign exploited the anxiety that Covid-19 spread among the population, and just a few months before, “green movements” and Greta Thunberg’s green battle.

The attack mode is always similar: these emails contain informative attachments and also links that promise constant informative updates on various hot topics. 

Cyber Crime in now focused on this new phenomenon, that held a wide appeal with the general public thanks to anti-racism movements. The goal is to speculate on this issue’s resonance to spread “Trickbot“, a malware specialized in information theft. 

“Support Black Lives Matter movement anonymously”…but it’s Phishing

The “Black Lives Matter” scam begins with a phishing email with “Support Black Lives Matter anonymously” in subject. 

The goal is to spread the TrickBot Trojan: originally developed to collect banking login credentials, TrickBot has evolved over the years and became increasingly insidious. Their creators are considered one of the most dangerous cyber-criminal groups in the world. 

The email prompts the recipient to fill in and return an attached document called “e-vote_form_3438.doc” to support the cause. Unfortunately, the purpose of these messages is to infect devices with a sophisticated malware that steals sensitive information and also bank details. 

But opening the attachment activates the installation of TrickBot: the program is all set to start collecting sensitive information. 

Although it is not a very sophisticated phishing attack, the “Black Lives Matter” appears to come from a government agency. However, spotting the threat is not that hard: the sender’s email address appears false and, above all, a government agency sending out this type of email looks pretty unrealistic.

How to prevent Speculative Phishing 

The first advice is not to act impulsively and analyze the email content carefully, especially if the message requires to take an action such as opening a link or an attachment. 

In general, always remember to: 

  1. Avoid clicking links and opening attachments in unexpected or suspicious emails, without validating the source first. 
  1. Always install antivirus or system software updates. 
  1. Back up your data regularly. 
  1. Download attachments, but only from trusted sources. 
  1. Pay attention to the spelling of the mail or web page. If there are inconsistencies, errors, or poor quality images, beware! 
  1. Always question the authenticity of any email that contains requests for personal or financial information. 
  1. Use strong passwords to protect your devices.
The Human Factor against Speculative Phishing 

The human factor remains the most effective tool against Cyber Crime today. To master this factor, organizations need to provide e-learning training ​​courses on Cyber Security Awareness. This will enable all non-specialist personnel to recognize cyber threats and protect their organization sensitive data. 

We can only defeat speculative phishing threats through effective and ongoing training activities on Security Awareness. 

For more info…