A cyber-security group has identified a potential phishing scam hidden within fake Windows 11 documents, which appears to target one specific company in order to steal information.
With Windows 11 available soon, it's thought that these documents were being used to spread malware, capitalizing on the interest in Microsoft's newest operating system.
What Do We Know About the Scam?
The script in the malicious code contains references to the domain of Clearmind, a point-of-sale (POS) provider that FIN7 has targeted before. According to Anomali, successfully infecting a user's device would allow the group to access any user payment card details intended for Clearmind's payment network.
(Instructions for the fake Windows 11 document, courtesy of Anomali)
Who is Behind the Windows 11 Scam?
Anomali states that it believes with moderate confidence that the group FIN7 is responsible for the scam, as the format fits with the group's previous modus operandi.
FIN7 is a Russian criminal group that has been active for around six years and is purportedly responsible for the theft of over 15 million payment card details, at a cost of around one billion dollars in losses. In the past, members of the organization have been jailed in the US for attacks on US companies, including Fedir Hladyr, who was identified as a high-level manager within FIN7 and sentenced in April of this year to 10 years for fraud and hacking.
How Can I Avoid the Scam?
Besides switching your computer language to Russian, Anomali believes that the fake documents were most likely intended to be used in phishing operations, such as via email, so standard best-practice security measures can help you steer clear.
Vigilance is key when avoiding scams, and it is highly important to download files only from trusted sources. It is also important not to open any files sent by email or over social media unless you are confident that they are legitimate. Anti-virus software can be a huge help here, actively scanning files to automatically isolate or remove suspicious attachments.
It's also important to keep your software up to date. Yes, we appreciate that it can be a pain to have to update apps and operating systems, especially if they demand that you shut down your device to complete the process, but these updates regularly contain the latest security fixes, which could well protect your device from malware down the line.