As the massive US and global protests continue following the killing of George Floyd, a new phishing operation is attempting to leverage the BLM movement.
📱 Malicious actors are attempting to spread the TrickBot modular banking trojan via phishing emails that ask recipients to “Leave a review confidentially about Black Lives Matter.”
📄 Senders identify themselves as the country's authority and ask recipients to fill out the attached document.
❗️ Individuals who open the document are asked to enable malicious macros that download and execute a DLL payload onto the victim’s computer.
Phishing actors often capitalize on current events such as any campaigns and use them in their phishing themes to entice victims to engage – whether clicking a link, opening an attachment or entering credentials