Fake DNB Delivers Trick-bot Banking Trojan
Do NOT open the attachment which looks very legitimate that says there is a complaint against you from Dun & Bradstreet!
The email will come with the subject similar to “FW: Case 27627831” and pretends to come from “Dun & Bradstreet”. It is actually coming from a look-a-like domain with either a malicious zip attachment containing a .doc file or a .doc attachment. It is actually a Trickbot delivering a banking Trojan. Jacob Soo of VX Security says “As the malware authors are using email addresses that are similar to the real “Dun & BradStreet” and subjects that will scare or entice a user to read the email and open the attachment.” He actually shows the VBA embedded within the document that’s delivered on his blog. He continues, and I reiterate, “as a gentle reminder PLEASE be very CAREFUL with email attachments. All of these emails usually use Social Engineering tricks to persuade you to open the malicious attachments that come attached with the email.”>
Leave a Comment