It has been reported that previously unknown malware has been detected in widespread attacks against MercadoLivre, Latin America’s largest e-commerce platform. The malware, dubbed Chaes, is being deployed by a threat actor across the LATAM region to steal financial information.
Long gone are the days when malware writers did so simply for the fame and credit. We need to understand that, in today\’s world, malware is focused on monetary gain. Therefore, we can expect that attackers will treat their attacks as a revenue-generating business. As such, it is natural that they will look to determine where previous phishing attacks may have failed and apply the necessary changes. For instance, applying visual and textual corrections to make phishing emails look legitimate. Also, the timing of these phishing campaigns was not done haphazardly. It was planned to coincide at a time that many will be going online to shop for presents.
As always, people should refrain from opening attached documents that are sent to them over email. Likewise, they should not click on links in emails that lead to surveys, login pages, and so on. Individuals need to be careful, taking the time to check who had sent the email and where the links lead to. Attackers put in a lot of effort to make phishing emails look trustworthy, so you have to put even more effort into spotting them.
Long gone are the days when malware writers did so simply for the fame and credit. We need to understand that, in today\’s world, malware is focused on monetary gain. Therefore, we can expect that attackers will treat their attacks as a revenue-generating business. As such, it is natural that they will look to determine where previous phishing attacks may have failed and apply the necessary changes. For instance, applying visual and textual corrections to make phishing emails look legitimate. Also, the timing of these phishing campaigns was not done haphazardly. It was planned to coincide at a time that many will be going online to shop for presents.
As always, people should refrain from opening attached documents that are sent to them over email. Likewise, they should not click on links in emails that lead to surveys, login pages, and so on. Individuals need to be careful, taking the time to check who had sent the email and where the links lead to. Attackers put in a lot of effort to make phishing emails look trustworthy, so you have to put even more effort into spotting them.