Since 2016, a virus called TrickBot has caused a large number of mailbox infections, and it is still growing and expanding. Many professionals in the security field believe that TrickBot has become the biggest security threat to enterprises.
In a recent survey, Deep Instinct discovered a database of 250 million compromised email accounts. The database contains more than 25 million Gmail addresses, 19 million Yahoo.com addresses, and 11 million Hotmail.com addresses. There are dozens of mailboxes belonging to government workers, including the US Department of Justice, the State Department, the Department of Homeland Security, and the US Federal Aviation Administration.
Deep Instinct researchers say: The core of TrickBot is the Trojan. Malicious viruses are usually sent by e-mail—for example, a fake resume sent to the human resources department, and the virus is attached to the e-mail in the form of a Word or Excel file. Another trick is that TrickBot will use the infected computer mailbox to send virus mail to contacts in the mailbox to speed up TrickBot propagation and automatically clear the sent mail after sending. This is also an important reason for the rapid infection of the virus within a department or organization.