Watch out - that WeTransfer link could be a phishing scam TechRadar Skip to main content TechRadar is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Here's why you can trust us. Watch out - that WeTransfer link could be a phishing scam By Sead Fadilpašić published 12 September 2022 New phishing campaign abuses a legitimate file-transfer service (Image credit: Gonin / Shutterstock) Audio player loading… If you get an email from an unknown person, sharing a "Proof of Payment" document from WeTransfer, be careful as it's most likely malware. Cybersecurity researchers from Cofense have found threat actors are now distributing the Lampion malware this way in greater volume. Lampion is a known trojan, capable of stealing sensitive data, such as banking information, passwords, and similar. It does so by overlaying known login forms with its own, and then sending out the submitted data to its command & control servers. Lampion distribution What makes this campaign more dangerous than other, similar campaigns, is the use of WeTransfer. This is a legitimate file transfer service, making it extremely difficult for email security systems to flag it as malicious. What's more, this is not the only legitimate service the crooks are abusing - they're also leveraging Amazon Web Services (AWS), and here's how. When a victim receives the email, and if they download the file, they'll get a ZIP archive with a Virtual Basic Script (VBS) inside. The script, if run, connects to an AWS instance, and grabs two DLL files, also in protected ZIP archives. These DLLs, when activated (which is done automatically and with no user interaction whatsoever), are loaded into memory and allow Lampion to operate. Lampion is a known trojan, that's been used since 2019 Starting as malware targeting the Spanish-speaking community first, it has since gone international. This year, researchers said its distribution picked up pace, with some identifying a hostname link to Bazaar and LockBit. Read more> These fake Android antivirus apps install a dangerous banking trojan > New Roblox trojan will land you with a nasty PC infection (opens in new tab) > Best ways to share big files: Cloud sharing large folders made simple (opens in new tab) Email is still one of the best ways to distribute viruses, malware, or ransomware, despite the fact that email protection tools have gotten better over the years. Today, threat actors can leverage a number of free cloud tools, such as hosting providers, calendar organizers, and similar, to bypass security measures and distribute malicious code to endpoints (opens in new tab) around the world. These are the best firewalls (opens in new tab) right now Via: BleepingComputer (opens in new tab) Sead Fadilpašić Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he's written for numerous media outlets, including Al Jazeera Balkans. He's also held several modules on content writing for Represent Communications. See more Computing news Are you a pro? Subscribe to our newsletter Sign up to theTechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Thank you for signing up to TechRadar. You will receive a verification email shortly. There was a problem. Please refresh the page and try again. MOST POPULARMOST SHARED1You may not have to sell a body part to afford the Nvidia RTX 4090 after all2My days as a helpful meat shield are over, thanks to the Killer Klown horror game3I tried the weirdest-looking Bluetooth speaker in the world, and I utterly adore it4It looks like Fallout's spiritual successor is getting a PS5 remaster5One of the world's most popular programming languages is coming to Linux1We finally know what 'Wi-Fi' stands for - and it's not what you think2Best laptops for designers and coders 3Miofive 4K Dash Cam review4Logitech's latest webcam and headset want to relieve your work day frustrations5Best offers on Laptops for Education – this festive season Technology Magazines (opens in new tab)● (opens in new tab)The best tech tutorials and in-depth reviewsFrom$12.99 (opens in new tab)View (opens in new tab)