TrickBots

Sneaky Trojan Malware

Taba Zimmerman

Trick Bots are modular banking trojans that target sensitive information and act as droppers for other malware. Some kinds of information they steal include, but are not limited to:

  • Banking information

  • Usernames and passwords

  • Phone numbers

  • Street addresses

  • Email addresses

This type of malware is distributed via unsolicited emails that direct users to download malware from malicious websites or trick users into opening attachments that contain malware. Once the malware has downloaded on the user’s system, whenever the user types the URL for their banking site (or other sites with personal information), the malware uses one of two types of web injections:

  1. Redirection attacks: send the victims to fraudulent site replicas when they navigate to certain websites.

  2. Server side injection: intercepts the response from a site’s server and redirects it to the CTA’s server, where the CTA steals victim information through form grabbing.

Prevention recommendations of TrickBot infection include, but are not limited to:

  • Provide social engineering and phishing training to employees

  • Mark external emails with a banner denoting it is from an external source to assist users in detecting spoof emails

  • Apply applicable patches and updates immediately after appropriate testing

  • Report suspicious emails to your IT provider


BeCloud’s SecureIT service provides cost effective solutions for malware detection, antivirus software, and employee training to help keep your systems and information safe and secure.

Decrease risk choose BeCloud's Managed Services.

Join us and secure your company's network.