Trickbot scams have reached a high point leading up to Tax Day.
The virus has been stealing tax information and is sending fraudulent reports to steal peoples’ tax returns.
What is Trickbot and what is it doing?
Trickbot is a trojan virus that has been around since 2016. It affects Windows computers
It typically comes from opening a maliciously crafted email. The emails typically impersonate a payroll provider and look like this:
Trickbot sifts through your computer looking for password and login information typically related to your banking. The virus then sends the information back to the attacker.
Trickbot has evolved throughout the years to target more and more financial information. Now, Trickbot has the ability to even steal cryptocurrency.
Trickbot is especially concerning for businesses. The virus just needs to trick one unlucky person, and then it can potentially access all of a company’s financial information.
The solution is simple: frequent virus scans with an app like Malwarebytes.
To further protect yourself, Malwarebytes also recommends the following actions.
- Identify the infected machine(s)
- Disconnect the infected machines from the network
- Patch for EternalBlue
- Disable administrative shares
- Remove the Trickbot trojan
- Change account credentials
For a bit of extra caution, check the charges on your credit cards for suspicious activity.
Malwarebytes scans your device in its entirety, showing you the problematic items found once complete. From there, you decide what to remove, and what to keep.
Trickbot does not have symptoms visible to the average user. However, according to the Malwarebytes website, a network admin will likely see changes in traffic or attempts to reach out to blacklisted IPs and domains.
Trickbot is, well, tricky. You should run a virus scan daily to ensure that you aren’t at risk, and that you won’t have your hard-earned money stolen.