SCAM OF THE WEEK: Summit Sabotage

Earlier this year, an established cybercriminal group targeted the Women Political Leaders (WPL) Summit held in Belgium. Summits and conferences provide a unique opportunity for cybercriminals to target people of power or those who are experts in their field. Whether you’re a speaker or an attendee, this attack is a great learning opportunity.

In this scam, the cybercriminals created a malicious website that looked like the official WPL Summit website. Then, they invited attendees of the WPL Summit to download photographs from the event. If downloaded, you would receive a ZIP file that contained legitimate photographs. Unfortunately, the file also contained a downloader for a popular piece of backdoor malware. Once installed, the cybercriminal group could monitor your device and steal sensitive information.
 
Follow the tips below to stay safe from scams like this:

• Stop and think before downloading anything from the internet. This type of cyberattack relies on impulsive downloads. 
• Always hover your mouse over a link to make sure that it leads to a legitimate and relevant website. Cybercriminals can easily make a website look official with logos and copied designs.
• Keep your devices up to date. Software updates often include security patches to protect you against known vulnerabilities.