February 9, 2023

NCC issues advisories to Nigerians over ‘threat actors’

By Juliet Umeh

THE Nigerian Communications Commission’s Computer Security Incident Response Team, NCC-CSIRT,  has rolled out advisories in the first few weeks of 2023 as cyber threat actors continue to devise means of compromising their targets.

The latest of such advisories urged users to be mindful after attackers used Microsoft OneNote attachments in phishing emails that infected victims with remote access malware, which may allow hackers to remotely access vital information on victims’ devices.

The team advised users not to open files from people they do not know, not to click ‘OK’ and immediately exit the application if they received a warning that opening an attachment or link could damage their computer or files and to promptly share an unknown email they believed to be genuine with a security or Windows administrator to assist in determining whether the file is secure.

It had recently advised people not to open attachments in suspicious emails and to only purchase or download applications from official websites in response to the discovery of phishing malware that can gain unauthorized access to sensitive user data and download further malware.

The team reported that cybersecurity analysts at ASEC (South Korea’s cybersecurity emergency response centre), discovered a NetSupport RAT malware being distributed by threat actors from a phishing website disguised as a popular Pokemon card game.