Expert Comments

Expert On News: Bad USBs Sent To Best Buy Customers

Expert(s): Security Experts
Expert(s): Security Experts

A malicious USB device and letter was sent out that was in the guise of a gift card for Best Buy where users were thanked for being customers and the USB device supposedly had gifts customers could choose from up to $50.00. Instead, the USB contained a PowerShell code that installed a malicious JavaScript according to security researchers at Trustwave.

Experts Comments

March 30, 2020
Marc Gaffan
CEO
Hysolate
This is reminiscent of how phishing and some of the first ransomware attacks began - with physical mail. People would receive CD-ROMs or floppy disks in the mail claiming to have some valuable information or program on them. As soon as they insert it into their computer, the malware that was actually on the disk would execute, just as with this USB. This is a healthy reminder that phishing is not just in email format and users certainly can't trust the devices that are out there. That's why the .....Read More
This is reminiscent of how phishing and some of the first ransomware attacks began - with physical mail. People would receive CD-ROMs or floppy disks in the mail claiming to have some valuable information or program on them. As soon as they insert it into their computer, the malware that was actually on the disk would execute, just as with this USB. This is a healthy reminder that phishing is not just in email format and users certainly can't trust the devices that are out there. That's why the whole concept of zero trust first came to light. It's important for organizations to continue cyber security awareness training while also implementing policies (such as restricting use of external media) and solutions (such as OS isolation platforms) that can prevent even accidental end user errors from causing significant damage.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT

You may also like

Report Says Russian Hackers Haven’t Eased Spying Efforts, Expert Weighs...

BitMart Attack – Combatting Cyber Criminals’ Crypto Appetite

Expert Comments: Spar Stores Hit By Major Cyberattack

Expert Comment: Ceeloader Malware

Planned Parenthood LA breached, Experts Weigh In

Data Security Comment: Colorado Energy Company Loses 25 Years Of...

Colorado Energy Company DMEA Loses 25 Years Of Data After...

Governemnt Data Breach Of New Years Honours Recipients

New Malvertising Campaign Spreads Backdoors, Malicious Chrome Extensions

DNA Testing Firm Discloses Data Breach Affecting 2.1 Million People

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts