A current phishing scam is purporting to be a message from the U.S. Postal Service (USPS) claiming recipients have missed an important delivery, but instead contains a malicious link. In recent phishing awareness posts, WaterISAC has highlighted threat actors using trusted brands in phishing campaigns to fool users more easily into downloading various malware. This particular campaign includes a message pretending to be from USPS asking users to click on a supposed invoice, which then opens a .zip file that hides a malicious Excel workbook. When the Excel workbook is opened, a prompt asks victims to click on “enable editing” which is designed to launch PowerShell to download Trickbot. Trickbot is notable due to its long association with Emotet and more recently to Diavol ransomware. Read more at ThreatPost.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!