Cyber-crooks have been using the lure of popular Netflix TV series Squid Games to lure victims into infecting their devices with malware via email attachments.
Type of Scam: Malicious email attachment attack
Attack Type: Microsoft Office “macro” malware
Social Engineering Technique: Access to exclusive content or opportunities
Researchers at security company Proofpoint have discovered a malicious email campaign designed to lure email recipients into opening harmful email attachments by claiming recipients can watch exclusive footage of season 2 of Squid Games, or even audition to be in the new season.
The emails come with subject lines such as..
An example of such an email provided by Proofpoint is below.
According to Proofpoint, the criminals behind the email campaign are part of the TA575 network of malware crooks, and opening the harmful email attachments will result in the Dridex malware infecting a device.
In all instances, the recipient is urged to open the attached Excel file, which uses Macros to infect a device. Macros can be coded by third parties, including cybercrooks and are thus capable of infecting a device with malware. Microsoft Office programs like Excel will consequently disable Macros by default until a user enables them, meaning such attacks rely on a user enabling Macros after opening an infected Excel document.
Sponsored Content. Continued below...
If a user believes the email is genuine and opens the attached Excel file, and enables Macros, they will infect their computer with malware.
More on how Macro malware scams work can be found here.
Emails that claim a recipient can get early access or some type of exclusive opportunity is a common social engineering technique used by crooks to entice potential victims into clicking links or opening email attachments that can ultimately lead to a malware infection.