Security News > 2020 > December > Massive Subway UK phishing attack is pushing TrickBot malware
A massive phishing campaign pretending to be a Subway order confirmation is underway distributing the notorious TrickBot malware.
TrickBot is a trojan malware infection commonly distributed through phishing campaigns or installed by other malware.
What is concerning about these phishing emails is that they include the user's first name, and some users are reporting they are being sent to emails only used for Subway.
This attack may indicate a data breach at Subway UK that allowed the threat actors to gain access to customer's names and email addresses.
The Subway phishing emails are using email subjects such as "Your order is being processed" and "We've received your order," and state that it is from Subcard, as shown below.
News URL
Related news
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- 99% of UK Businesses Faced Cyber Attacks in the Last Year (source)
- Bumblebee and Latrodectus Malware Return with Sophisticated Phishing Strategies (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)