Warning: Phishing Emails Impersonating Law Firms

On the 26th, AhnLab warned that intelligent phishing emails are being circulated, impersonating domestic law firms under the guise of 'Legal Violation Notifications.'

The recently discovered malicious emails contain Information Stealer malware designed to steal users' personal information, requiring heightened vigilance.

The attackers created a sophisticatedly disguised email that conveyed a message about legal notifications regarding copyright infringement, thereby generating psychological pressure on the recipients.

Specifically, they utilized a method of embedding a URL in the phrase 'Document collected from the police.pdf,' disguising it as an attachment and luring users to click with the wording 'Infringement evidence is attached.'

Operation and Risks of the Malware

According to AhnLab's analysis, clicking the disguised attachment link leads to the download of a compressed file (.zip) containing an executable file (.exe) and a dynamic link library (DLL) file.

Once the user executes this file, a malicious DLL file located in the same directory is activated, allowing the information-stealing malware to infiltrate the PC.

This type of Information Stealer malware has the characteristic of stealing various personal information such as account credentials, financial information, and screenshots from the infected computer and transmitting them to the attacker's server.

Stealing various personal information such as account credentials, financial information, and screenshots

Victims may be exposed to serious security threats without even realizing that their important information has been leaked.

Guidelines for Preventing Phishing Emails

AhnLab emphasized basic security measures to protect users from these phishing email attacks.

Attachments or URLs from untrusted sources should never be executed, and when accessing URLs, users must always verify them against the official site addresses of the respective companies and services.

Additionally, it's essential to apply the latest security patches for PCs, operating systems (OS), software, and internet browsers, and to keep the antivirus's real-time monitoring feature always activated.

Setting different passwords for each account is also a crucial method to prevent the spread of damages.

As intelligent phishing attacks become increasingly sophisticated, user awareness and adherence to basic security protocols are more important than ever.

Image Source: Phishing Email / Photo provided by AhnLab, illustrative material for better understanding of the article / Gettyimagesbank