It pays to be careful of URLs you click on, even if it supposedly leads to well-known websites. As a fact, malware is often spread via websites impersonating other well-known ones. Recently, ESET found new ones mimicking the Microsoft Store and Spotify.
According to BleepingComputer, attackers are using these fake websites to steal credit card info and passwords. So far, ESET has found a fake Microsoft Store, Spotify, and online document converter. The targeted region seems to be South America, but it won't be surprising if more regions become targets for attacks.
#BREAKING Beware of active infostealer campaign mimicking Microsoft Windows Store, Spotify and FreePdfConvert apps targeting countries in South America. #ESETresearch @jiriatvirlab 1/3 pic.twitter.com/bizy5ie3GQ
— ESET research (@ESETresearch) April 19, 2021
Based on the report, these websites are spreading the Ficker malware. What it does is steal information and user credentials that are saved in web browsers, messaging apps, and FTP clients. The malware can also steal documents, take screenshots of your running apps, and steal from a user's cryptocurrency wallet.
Anyway, if you see any website like the above, make sure it has the correct URL and certificate information. With that said, have you encountered any other fake websites like the above? Help spread the word in the comments below! Also, stay tuned to TechNave for more news like this.
COMMENTS