A new phishing campaign purporting to offer Personal Protective Equipment, but in fact is spreading the spyware agent Tesla, has been increasingly appearing in inboxes over the past few weeks.
We have seen different variants of this spoofing of legitimate companies offering face masks and other PPE. However, one marked difference is that the phishing emails contain an attached fake PDF file.
The file is typically named: "Supplier-Face Mask Forehead Thermometer.pdf.gz,”. If the file is opened and unzipped, macros are enabled, and the agent Tesla malware is downloaded to the now compromised device.
Hackers use this spyware to connect to your PC and harvest data. This will include password data, which they will likely sell on the dark web.
What can you do if you’re infected?
Once detected many malware scans will pick up on the malware, some of which will detect and remove the threat.
You need to ensure that you choose the right anti-virus and malware protection not just the cheapest to buy.
Be careful downloading anti-malware off sponsored links on the internet too. Many of these are actually malware themselves or will advise you on many malware issues which don’t exist and require money to resolve.
Contact your IT support company for advice on the right software to remove malware.
If they cannot help, then do contact us on 0800 404 8888 (option 3) or email firstname.lastname@example.org.