Researchers at Malwarebytes and X-Force IRIS have come across an ongoing phishing campaign that’s using romance-themed emails to distribute the Nemty ransomware, BleepingComputer reports. The emails have subject lines like “I love you,” “Letter for you,” “Will be our secret,” and “Can't forget you.” The body of the emails simply contains a winking emoji ;) and an attachment. The attachment’s file name begins with “LOVE_YOU” followed by a series of numbers.
Malwarebytes concludes that the attackers believe the cryptic nature of the message is enough to entice victims into opening the attachment. The messages also have the advantage of avoiding the typos that are often present in more verbose phishing emails.
Employees need to know how to recognize social engineering hooks in order to avoid falling for this type of attack. Any mysterious email that contains an attachment or a link should be treated with suspicion, especially if it makes you want to click against your better judgment. New-school security awareness training can enable your employees to identify these tactics when they encounter them in the real world.
BleepingComputer has the story: https://www.bleepingcomputer.com/news/security/nemty-ransomware-actively-distributed-via-love-letter-spam/