Want a quick way to make security personal for your employees?
Then let them know about a new malware variant that Proofpoint has dubbed "Vega Stealer."
Delivered through phishing email campaigns that (so far) mimic Office365 related messaging, it goes after key browser stored information such as credit card details.
For example, says Proofpoint:
"One of the goals of Vega appears to be gathering and exfiltrating saved data from the Google Chrome browser," including:
- Passwords (the “logins” SQLite table contains URLs and username and password pairs)
- Saved credit cards (the “credit_cards” autofill table contains name, expiration date, and card number)
- Profiles (the “autofill_profile_names” table contains first, middle, and last name)
- Cookies
Other browsers are seeing similar attacks, according to the new report.
Researchers say the bad attackers tied to this campaign appear to be linked to a couple of different banking Trojans, as well. So, while it appears this May 2018 distribution of Vega Stealer was small scale, it may simply be a test run.
Auto-fills are a real time-saver for your employees, both at work and at home. But if they fall victim to this phishing campaign, it could compromise everything they've stored in their browsers.
And that wouldn't be convenient, at all.
