This scary malware screenshots your system to see if you’re worth hacking

February 13, 2023

By Kim Komando

It turns out that not every target is worth hacking, and cybercriminals are using a new phishing scheme to sift through information to search for a lucrative payday. Their goal, as always, is to rip you off. But if your system doesn’t appear to be cyberattack worthy, they might leave you alone.

Read on to find out how thieves are targeting your system with malware to determine if you have what they’re looking for.

Cybercriminals spying on your device

A new phishing attack is designed to find out if you have enough valuable information on your system to steal. Here’s how it works. Criminals are sending emails containing malicious links or attachments, hoping you’ll click on them. If you do, malware is installed on your system. This is where it gets interesting.

According to cybersecurity company Proofpoint, TA866 malware takes screenshots of your system and sends them to the thieves. If you’re determined to be a valuable target, more malware will be installed to steal crypto wallets, passwords stored on your browser, files and other valuable information.

“When the threat actor was satisfied with the screenshot(s) from the infected machine, an MSI package containing the initial component of the AHK Bot was made available for WasabiSeed to download,” Proofpoint explains.

The key to avoiding being victimized by this attack is not falling for the initial phishing email.

How to spot phishing emails

Even though this is an elaborate scheme with the end goal of ripping you off, it’s basically another form of phishing. If you follow proper safety methods and know how to spot phishing attacks, you can stay protected.

Here are some ways to avoid falling victim to phishing attacks:

• Safeguard your information — Never give out personal data if you don’t know the sender of a text or email or can’t verify their identity. Criminals only need your name, email address and telephone number to rip you off.
• Always use 2FA — Use two-factor authentication (2FA) for better security whenever available. Tap or click here for details on 2FA.
• Avoid links and attachments — Don’t click on links or attachments you receive in unsolicited emails. They could be malicious, infect your device with malware and/or steal sensitive information.
• Use strong, unique passwords — Tap or click here for an easy way to follow this step with password managers.
• Antivirus is vital — Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan with TotalAV for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!

Keep reading

Stop looking for free software this way – It’s a malware trap

Using free antivirus? Beware of companies that sell your data or even plant malware