It has been reported that info-stealing malware accounted for the three most widespread variants in October, comprising nearly a fifth (16%) of global detections, according to Check Point. The security vendor’s Global Threat Index for October 2022 is compiled from hundreds of millions of its own threat intelligence sensors, installed across customer networks, endpoints and mobile devices.
Most of these info-stealing malware variants spread through phishing emails. So to avoid them, organisations need to train staff how to spot and avoid phishing. Never click on links or attachments in unsolicited emails! Info stealers are primarily interested in stealing credentials like account passwords. Organizations can help defend against follow-on attacks by employing two-factor authentication. If 2FA is enabled, then even if an attacker manages to steal a password, they won’t be able to log into the affected account without the one-time passcode.
I know I’ve said this numerous times below, but educating employees and executives about the risks of opening attachments or clicking links found in emails and messages is of vital importance. Organisations and individuals can also provide added security for their accounts by enabling two-factor authorization when available. 2FA protects against keyloggers and other monitoring malware, as even if a bad actor is able to capture your login info, they will not have access to the second piece of the puzzle that is required to unlock an account.