Cyber hackers have something for every target on their Christmas list as the new Star Wars movie, Taylor Swift fandom and fascination over climate activist Greta Thunberg are being exploited to steal data and even mine bitcoin from your computer.
Phishing email scams featuring Thunberg are harbouring the Emotet banking Trojan virus, according to cybersecurity firm Proofpoint.
First identified in 2014, Emotet is designed to pilfer sensitive financial information from infected computer systems.
Proofpoint also provides an example of the email containing the Thunberg Emotet with the following description.
“(It) combines the following four elements: renowned Swedish environmental activist Greta Thunberg; Christmas holidays; environmental awareness and activism; Time Magazine’s recent naming of Thunberg as their ‘Person of the Year.’”
Proofpoint says the Emotet virus “recently made a specific comeback” in 2019 and accounted for 12 percent of malicious emails in the third quarter (July-Aug).
And in a different kind of scam that secretly uses your computer’s operating power, hackers behind the cryptocurrency-mining botnet Mykingz are hiding EXE malware in a JPEG of American pop singer Taylor Swift.
Also known as Hexmen or DarkCloud, those behind MyKingz target Windows systems with their mining apps that once infected, can harness a device’s resources to surreptitiously mine bitcoin.
According to ZDNet, masking malicious EXE files inside of an image can fool security systems of larger networks where proliferation of the botnets can maximize their effectiveness.
And a recent PC Magazine story reports that cybercriminals have stooped to using the new Star Wars: The Rise of Skywalker movie to trick fans into relinquishing credit card information.
Antivirus provider Kaspersky Lab has already uncovered more than 30 fake websites and social media profiles purporting to be official Star Wars film accounts offering free tickets or online streaming of the film in exchange for credit card registration.
But protecting your own personal information when engaging with point-of-contact emails or alluring websites, offers limited security assurance in this age of instant communication and data transfer.
According to the Office of the Privacy Commissioner, more than 28 million Canadians had their personal information exposed following 680 security hacks at Canadian banks, airlines and telecommunications firms in 2019.