Earlier this month we revealed a new security advisory platform — Barracuda Security Insight, which provides real-time threat intelligence and risk information to help raise awareness about the current IT security threat levels. One of the reasons we’re excited about the platform is because anyone with Internet access can use it as a way to check in on the different threats that might be lurking around the web.
For example, if we’re seeing an uptick in PDFs that contain malware, Barracuda Security Insight will flag this threat as a “critical alert,” with a description of the threat so people know what to avoid as they go about their day. For this month’s Threat Spotlight, we are taking a look at a recent “critical alert” that was flagged by Security Insight for attempting to steal user passwords by using attached Word or Excel documents that claim to be tax forms or other official documents. Cybercriminals regularly go after user passwords and credentials; however, we’re continuing to see criminals come up with clever ways to persuade users into sacrificing their sensitive information. Here’s what we found this time:
Password Stealers — Cybercriminals are using common attachment file types to steal user passwords.