����vlog

A sinister banking Trojan continues to target customers across the globe. Trickbot, which began gaining notoriety last fall, can send more than 75,000 emails in less than 30 minutes through the same Windows vulnerability exploited by WannaCry in May. How does it work?Trickbot dupes victims with emails that appear to be from their banks. The messages ask them to update personal information by downloading and signing attached documents. If they enable macros to edit the docs, the malicious payload is downloaded, giving the malware access to the device. Victims are then taken to a fake landing page that looks like the real thing - it often has the bank's actual URL and authentic SSL certificate. Once customers sign into accounts, cybercriminals are given full access to their personal and financial data. The scam is easy to fall for, but cybersecurity experts warn recipients to look closely at the address of any suspicious email - it will often contain minor spelling or grammatical errors that indicate fraud. "TrickBot evolves and changes almost every day and targets new banks all over the world, so all banks should be on alert," Sigurdur Stefnission, vice president of threat research at Cyren, told ZDNet on Monday. Here's how to avoid banking scams.