Phishing emails are still a big danger to PC users, even in 2022

Hacker
(Image credit: Thianchai Sitthikongsak/Getty)

If there's one thing 2022 has proved, It's that it's not just your grandparent's computers you need to be worried about. In the era of Discord hosted malware and NFTs, there's more threats than ever before coming for your digital data. It's easy to forget that something as simple as phishing emails exist, and are causing big problems for people's security. 

Several sites are reporting an increase in phishing emails attempting to install malware on unsuspecting PCs. According to The Register, bad actors are using Microsoft Exchange servers that have been compromised to send out spam emails. Attached to the emails is an encrypted file, typically a .zip, continuing the malware known as IcedID.

The .zip file will often come with a password to unpack the file. In the emails this is presented as a layer of security to help make the victim feel more at ease. Instead entering the passcode will allow IcedID to immediately install onto the computer. 

This malware then provides a backdoor for further installations from the criminals. Often this access is sold to another party wanting to install ransomware onto the machine.

Window shopping

Windows 11 Square logo

(Image credit: Microsoft)

Windows 11 review: What we think of the new OS
How to install Windows 11: Safe and secure install
What you need to know before upgrading: Things to note before downloading the latest OS
Windows 11 TPM requirements: Microsoft's strict security policy

Intezer further explains that the reason these emails are so convincing is due to thread hijacking. The emails containing the malware are often presented as a reply to a previously stolen email, making them look more valid and less randomised. Intezer also does a bit of a deep dive into how this new attack campaign is working which is worth a look for anyone interested in the ins and outs of how their computer can be attacked.

So far it seems the emails are using fairly consistent language, requesting an unprocessed payment for a recent contract. It's all purposely vague which should help to raise red flags for many. The details for this contract are supposedly in the malicious attachment which you would need to unlock using the provided code. We would recommend not doing so, and maybe get in control of all those passwords while you're at it.

As always, downloading something, especially in a compressed format from an email is risky business. But when it looks like this email comes from a known source, it's understandable that people are being caught unawares. This is just another reminder to be ever vigilant against cyber attacks.

Hope Corrigan
Hardware Writer

Hope’s been writing about games for about a decade, starting out way back when on the Australian Nintendo fan site Vooks.net. Since then, she’s talked far too much about games and tech for publications such as Techlife, Byteside, IGN, and GameSpot. Of course there’s also here at PC Gamer, where she gets to indulge her inner hardware nerd with news and reviews. You can usually find Hope fawning over some art, tech, or likely a wonderful combination of them both and where relevant she’ll share them with you here. When she’s not writing about the amazing creations of others, she’s working on what she hopes will one day be her own. You can find her fictional chill out ambient far future sci-fi radio show/album/listening experience podcast right here. No, she’s not kidding.