CYBERSECURITY experts have warned that a dangerous file hidden within an email is draining crypto wallets.
Whether you have crypto or just want to protect your regular bank account, it's worth watching out for these emails and deleting them immediately.
Specialists at Kaspersky are referring to the crypto attack as a "DoubleFinger infection."
DoubleFinger is a type of advanced malware that downloads a crypto-stealing infection called GreetingGhoul.
According to the experts, the attack starts with an "email containing a malicious PIF file."
Victims open the attachment in the email and accidentally let the infection run loose on their devices.
READ MORE ON GMAIL
Benefits calculator reveals if you’re one of 8million missing out on cash
DoubleFinger can bypass security software installed on computers.
It manipulates a device until it can load GreetingGhoul crypto stealer.
GreetingGhoul detects any crypto wallets and steals information to send back to the hackers.
This gives cybercriminals control and the ability to steal funds.
Most read in Tech
I catch people going in MY garden – they have the cheek to say I’M in the wrong
Sky TV customers receive 7 free channels TOMORROW in latest upgrade – full list
Upcoming Star Wars game gets its first trailer – and fans are stunned
Android users warned over bank raiding apps – there's 4 ways to protect yourself
The attack started with a simple mistake that all email users should be wary of.
You should never click on or download suspicious files within emails.
General anti-phishing advice could save people from this money-draining disaster and any similar attacks.
HOW TO AVOID A PHISHING SCAM
Be thorough when checking who the email is from.
Even if it looks official, double-check the email and look for any spelling mistakes or slight abnormalities in the sender's email address.
Never feel pressurised into opening an attachment and avoid clicking the phrase "enable content."
You should also be wary of links in emails.
If you're certain an email you have received is a scam, report it to your email provider and delete it.
Source: Read Full Article