A spate of bogus "secure message" emails from financial institutions are making the rounds, following the high-profile Equifax breach, according to a report released today by Barracuda.
Over the past month, variants of the "secure message" email attacks have included malicious Word document attachments that rewrite directory files in users' computers once opened, according to Barracuda's Threat Spotlight report.
In some of these cases, depending on the script, the malware will remain dormant to avoid anti-virus detection when downloaded or opened but will spring into action later – potentially as ransomware.
Techniques used in these fraudulent "secure message" emails include impersonation of financial institutions, spoofed email domains and phishing attacks to get users to open the attachments or click on the links, the report notes.
Read more about the bogus "secure messages" here.
Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.