TA505 Description

TA505 is the name of a group of con artists that introduced a phishing campaign that distributes a backdoor Trojan. The main target of TA505 was a financial establishment, and they used Microsoft Excel to send email attachments with corrupted macros which, when opened, enabled the threat payload. Then, the second stage of the campaign, which is the installation of various files, will take place. By opening a backdoor on the infected computer, TA505 can control the machine system and start doing whatever it wants, which is to collect information and other harmful deeds.

Phishing campaigns can be very harmful because depending on the information collected by its perpetrators, the computer owner can be really in big trouble because it may involve crucial data such as banking account information, personally identifiable data, which may lead to identity theft and other prejudicial actions. However, these phishing campaigns can be avoided easily by never opening email attachments without checking their real origination, not visiting unknown websites and having healthy browsing habits.