What’s new: A new phishing campaign in Brazil is utilizing AI-powered website building tools to create replica sites of government agencies, tricking users into making payments and collecting sensitive personal information. Additionally, a malware campaign distributing the Efimer Trojan has been detected, targeting cryptocurrency users through malicious emails and compromised WordPress sites, affecting over 5,000 victims.
Who’s affected
The phishing campaign primarily targets Brazilian citizens, aiming to collect personal data such as CPF numbers and induce payments. The Efimer Trojan campaign has impacted users globally, with significant infections reported in Brazil, India, Spain, Russia, Italy, Germany, the U.K., Canada, France, and Portugal.
What to do
- Implement strong email filtering to block malicious attachments and links.
- Educate users on identifying phishing attempts and suspicious websites.
- Regularly update and patch systems, especially WordPress installations, to mitigate vulnerabilities.
- Encourage the use of two-factor authentication for cryptocurrency wallets and sensitive accounts.
