Attack on customers of a Polish bank. Antivirus will not save you from it
Cybersecurity researchers have identified a new campaign targeting customers of one of the Polish banks.
Cybersecurity researchers from the company Trustwave identified a new phishing campaign using a banking Trojan Agent Tesla. In it, criminals impersonate one of the Polish banks, specifically Bank Handlowy in Warsaw, and then use fake emails to try to trick potential victims into installing the infected attachment.
Agent Tesla – what does he do and how to protect yourself?
This is not the first campaign of this type. However, experts point out a new tool used by criminals during the infection stage. It allows, among other things, on masking malicious code from antivirus software, which makes it significantly more difficult to protect against attack.
After installation, Agent Tesla runs on the infected computer, stealing the data we enter, including primarily login details to various services and websites. It has a function keylogger, so it records every key press. The collected information is then passed on to the criminal using SMTP protocol used by e-mail communication.
So how to protect yourself? Above all, be careful and do not open any suspicious attachments (especially executable files and archives). It is also worth installing an effective and, equally important, up-to-date antivirus. Even though it may prove ineffective in the described case, it will protect us against dozens, if not hundreds of other attacks.