Recently, a major multimedia channel in the U.S.—Fox News—issued an important warning about a new and highly sophisticated online scam. This scam specifically targets Windows users with the intent of stealing data and taking control of victims' computers through malware-controlled remote access software. This attack is considered a more advanced form of email phishing compared to previous methods, exploiting users' psychology and leveraging Windows' credibility to lower their guard and fall into the trap more easily.
A new phishing attack targeting windows users
According to a warning from Fox News, hackers are now crafting fake emails that closely resemble legitimate Windows security alerts, making it difficult for users to distinguish between real and fraudulent messages. These scammers send urgent-looking fake notifications in the form of pop-ups, claiming that "device access has been temporarily suspended due to security reasons," tricking users into clicking to investigate further.
The fake notification includes an audio message that repeats with an alarm sound, creating a sense of urgency and danger. Victims are pressured to call a provided phone number to "resolve" the issue immediately. The attackers then impersonate Windows support technicians, instructing victims to download and install UltraViewer, a remote control software, under the pretense of checking their computer for security threats. Once granted remote access, the scammers exploit the software to search for and steal sensitive data stored on the victim’s device. This stolen information can be used for illegal activities such as demanding high ransoms for data recovery or selling personal and confidential data on social media platforms and dark web marketplaces, severely affecting the victim’s reputation and financial security.
See more: The harm of ransomware malware to businesses and effective protection methods
How to prevent online phishing attacks?
Cybersecurity experts recommend that users remain cautious when receiving urgent email notifications, carefully verifying information through official Windows support channels or contact numbers. Users should avoid following instructions or responding through any communication methods provided in suspicious messages. If any signs of fraud are detected, individuals should promptly report them to the relevant authorities for investigation and intervention. Additionally, to enhance security and prevent cyber threats, users should implement the following measures:
Enable firewall protection on their devices to detect and alert potential security threats.
Use strong passwords for important accounts.
Regularly update security software to patch vulnerabilities and prevent exploitation.
Enable two-factor authentication (2FA) combined with hardware security keys to prevent unauthorized access. Security keys like YubiKey are highly recommended by experts for their strong phishing-resistant protection. Using FIDO2/WebAuthn protocols, YubiKey ensures passwordless authentication and only works with legitimate websites registered in advance, allowing access exclusively for the rightful key owner.
Source: Vietnamnet Newspaper