Beware! These malware are masquerading as Microsoft and Google Chrome apps to cheat you
Cybersecurity experts are alerting people to stay safe from the increasing number of cybercrimes. Cybercriminals use techniques such as Trojan Horse and email lure to access private files and for financial scams.
By The Feed |
Cybersecurity specialists have alerted people against new and sophisticated spyware that poses as Microsoft and Google Chrome apps. Its purpose is to defraud Microsoft device owners of their money. 'Proofpoint', a business that defends against cyberattacks, has been monitoring this risky effort since March. They have seen that fraudsters are employing increasingly advanced strategies to execute crimes, as reported by the New York Post. Proofpoint discovered recently that this malware is being spread widely. It poses as phony upgrades for web browsers like Chrome and mimics well-known applications like Microsoft Word. The intention is to fool people into downloading malicious code that has the potential to do significant harm.
A smart, delayed cyberattack known as a Trojan Horse obtains access to private files, cryptocurrency, and individual user data. Frequently, it begins with a phony Google Chrome update notification from a hacked website. The letter instructs people to install malware unintentionally by copying and pasting a code into PowerShell, a tool for launching scripts on Windows machines. The "hijacker" is the individual who manipulates people to give them cryptocurrencies in this fraud. They accomplish this by taking money intended for someone else and giving it to themselves.
Email lure
They also use a technique called "email lure," which is similar to phishing. They send emails that appear to be from an organization or place of employment. The attachment to these emails appears to be a Microsoft Word document, but it's written in HTML code. Fake error messages, such as the one stating that you must install the "Word Online" extension, are contained within. It also features fictitious buttons that you are supposed to click to solve the issue. These emails sometimes request that you launch PowerShell and copy some code. In actuality, this code is a virus. Many people have been impacted by this type of attack, said Proofpoint.
Campaign and targets
According to Proofpoint, the mission involved distributing over 100,000 messages. The emails were directed towards thousands of organizations across the globe. As per the reports of the New York Post, Proofpoint stated that misleading error messages are created by clever social engineering. They pose as official operating system notifications. However, Proofpoint also stated some of the good points. They stated that you can protect yourself by being cautious. Never download anything that looks unauthorized or suspicious. Common software and browsers, such as Word and Chrome, never require you to type code into another program to function normally.
To deceive Microsoft device owners into downloading fake updates that contain harmful malware.
How do cybercriminals use Email lures to hack data?
They send emails posing as legitimate organizations with fake attachments that install viruses when opened or prompt users to copy malicious code.
How is the data hacked?
Trojan HorseA smart, delayed cyberattack known as a Trojan Horse obtains access to private files, cryptocurrency, and individual user data. Frequently, it begins with a phony Google Chrome update notification from a hacked website. The letter instructs people to install malware unintentionally by copying and pasting a code into PowerShell, a tool for launching scripts on Windows machines. The "hijacker" is the individual who manipulates people to give them cryptocurrencies in this fraud. They accomplish this by taking money intended for someone else and giving it to themselves.
Email lure
They also use a technique called "email lure," which is similar to phishing. They send emails that appear to be from an organization or place of employment. The attachment to these emails appears to be a Microsoft Word document, but it's written in HTML code. Fake error messages, such as the one stating that you must install the "Word Online" extension, are contained within. It also features fictitious buttons that you are supposed to click to solve the issue. These emails sometimes request that you launch PowerShell and copy some code. In actuality, this code is a virus. Many people have been impacted by this type of attack, said Proofpoint.
Campaign and targets
According to Proofpoint, the mission involved distributing over 100,000 messages. The emails were directed towards thousands of organizations across the globe. As per the reports of the New York Post, Proofpoint stated that misleading error messages are created by clever social engineering. They pose as official operating system notifications. However, Proofpoint also stated some of the good points. They stated that you can protect yourself by being cautious. Never download anything that looks unauthorized or suspicious. Common software and browsers, such as Word and Chrome, never require you to type code into another program to function normally.
ADVERTISEMENT
FAQs:
What is the purpose of the spyware mentioned by Proofpoint?To deceive Microsoft device owners into downloading fake updates that contain harmful malware.
How do cybercriminals use Email lures to hack data?
They send emails posing as legitimate organizations with fake attachments that install viruses when opened or prompt users to copy malicious code.
Download
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
Download
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
Related Articles
What is Mini Shai-Hulud npm supply chain attack, and was Microsoft and Socket hit by malware? Full explainer on npm malware spread2026-05-19T15:06:11Z- IPL 2026 scam season is here: Over 600 fake ticket sites, 400 malware-linked streams cheat fans2026-05-13T07:04:03Z
- What is wiper malware attack, and will Stryker Corp be able to recover from cyberattack? Here's how did medical technology giant come under attack2026-03-11T18:51:23Z
ADVERTISEMENT
