The Dridex malware gang takes advantage of the Christmas holidays and sends phishing emails presented as gift cards from Amazon. Dridex is an advanced and modular banking trojan who can perform various malicious activities such as theft credentials login, keystrokes, screenshots, and download / install further malware. This is a very dangerous trojan, as it gives to its hackers DoppelPaymer and BitPaymer access to compromised networks to deploy ransomware their.
When distributing malware, the hacking gangs usually use current times as "bait". In this case, they are taking advantage of the Christmas holidays by using them as phishing themes campaigns, to motivate unsuspecting people to open malicious attachments contained in emails.
This phishing campaign was discovered by the cyber security company Cybereason, which is presented as an Amazon gift card sent via email. This email is supposed to be a $ 100 gift voucher that a user must redeem by clicking a button embedded in the phishing email.
When someone clicks the button, they will unknowingly download malicious documents Word with names similar to "Amazon_Gift_Card", "Order_Gift_Cart" and "Amazon_eGift-Card".
When the attachments open, the recipient will be prompted to click the "Enable Content" button. If the user does this, malicious macros will be executed, during which Dridex malware will be downloaded and installed, and possibly others. payloads, In computer of the unsuspecting victim.
With the Christmas holidays in full swing and people celebrating by keeping their distance, Amazon gift cards are likely to be a common gift this season. However, it should be noted that Amazon will never ask you to download a file to redeem a gift card. On the contrary, a legal one e-mail Amazon gift card will contain a code that you redeem on the company site, to add money to your account.
If you receive an email pretending to be a gift card asking you to download and open Word documents, close it immediately. If you are still unsure if an eGift card is legal, contact the sender by phone and NOT by email, and ask if he is the one who sent you the gift.