A very harmful email scam is spreading ransomware and other harmful software like cryptocurrency miners and botnet programs. These can send out spam emails from your accounts without you realizing it.
Usually, it’s easy to spot phishing scams, but this one tricked many people. They opened spam emails and downloaded harmful Zip files. It was so widespread that it became the second-most reported malware in June 2020, according to a cybersecurity company called Check Point (reported by ZDNet).
What’s the scam’s big secret to success? It sends emails with a winky face as the subject line. Yes, really!
The campaign uses a dangerous botnet called “Phorpiex.” A botnet is a big group of computers that hackers have infected with harmful software. They use these computers to send out malware through emails and other messaging apps to many people at once.
A computer can be part of this botnet without the owner knowing, and it doesn’t even need to have the same bad software that it’s sending to others. Also, there’s no main computer controlling everything. The botnet keeps working as long as at least one computer is infected and being misused.
If you get an email with a winking emoji and a zip file with a catchy name, don’t open it. The zip file likely contains malware, which is very dangerous for your computer’s safety and your privacy.
If the email looks like it’s from someone you know, contact them in a different way — don’t reply directly to that email. Let them know their computer might be at risk.
We also have tips on how to notice and block phishing emails and fake websites. Plus, we offer advice on how to prevent and deal with possible ransomware or other malware threats. Using good antivirus software and blocking harmful ads and suspicious web trackers can help protect you and your data.