PSA: Mueller report malware is on the way, probably

Has someone sent you an email with an attachment that claims to be a leaked copy of the Mueller report? Have you been directed to a website where you can supposedly download the Mueller report in full?

No, you shouldn’t click on it. Yes, it’s almost certainly a scam.

Politically motivated cyberattacks

Whenever there’s big news, scammers attempt to capitalize on it. By referencing current events, scammers are able to make their attacks seem more believable to increase the chances of their targets clicking on a malicious link, inadvertently giving away their personal information or downloading a malicious file.

One of the biggest political events happening right now is the release of the Mueller report.

In case you haven’t been following the story, here’s a quick recap: Almost two years ago, former FBI Director Robert Mueller was tasked with leading an investigation into Russian interference in the 2016 U.S. presidential election.

Along the way, we’ve caught glimpses of various scandals related to the investigation – alleged obstruction, collusion and money laundering, to name but three – but the details of the report have, for the most part, been kept under wraps.

A day ago, Mueller submitted his final report to Attorney General Bill Barr, and to say that people are curious about what the report contains would be a gross understatement. If you’re a citizen of the United States, you’re probably – regardless of where you sit on the political spectrum – eager to see the report.

But here’s the thing: at the time of writing, only the Attorney General has access to the Mueller report. What’s more, there’s no guarantee that Mueller’s findings will ever be made public.

Look out for Mueller report malware

Cybercriminals are well aware of the immense public interest in the Mueller report, and there’s a very high chance that the report will be used as bait in scams and attacks over the coming days and weeks. With WikiLeaks joining in on the frenzy by raising $1 million for a leaked copy of the report, attackers may use the report to try and persuade you to open email attachments, visit websites and download files that you would normally ignore.

Be very wary of:

• Email attachments that claim to be a leaked copy of the Mueller report.
• Dodgy websites where you can supposedly download the Mueller report.
• Emails regarding the Mueller report, which contain links to websites that ask for your login credentials or other sensitive information.

Protecting yourself from Mueller report malware

The usual rules apply when it comes to protecting yourself against politically motivated attacks:

• Be very suspicious of unsolicited emails and only open attachments that you’re certain are safe.
• Avoid phishing attacks by only entering your personal information on known, trustworthy websites.
• Install an anti-phishing browser extension such as Emsisoft Browser Security.
• Invest in proven antivirus software such as Emsisoft Anti-Malware.

Whether or not the Mueller report is eventually released to the public, it seems very likely that cybercriminals will try and use it to add a layer of legitimacy to their attacks. Being mindful of unsolicited emails and protecting yourself with reliable antivirus software can go a long way toward mitigating these attacks.

Have a good (malware-free) day!