The Russian-speaking ransomware group that was eradicated by Microsoft and the Pentagon last year is on the move again, trying to infect new machines. Yes, you really need to be careful when clicking on links and attachments in unsolicited emails.

Known by the malware name Trickbot, the group was targeted by the Pentagon's cyber forces because it threatened to disrupt the presidential election. The debilitating effort appeared to be successful, as a series of coordinated attacks were launched against the [at least temporarily.

Microsoft also joined in the action, apparently with its own awareness, tracking the servers actually being used by the Trickbot botnet. Working with ISPs in Latin America, Microsoft was able to obtain a court order disabling the IP addresses connected to these servers.

The decentralized nature of the group, which has reportedly spread to Russia, Ukraine, Belarus, and other parts of Eastern Europe, makes it almost impossible to bring this type of group to a permanent halt. And despite the arrest of one of the 55-year-olds who clearly facilitated the spread of Operation Trickbot, there is plenty of evidence that they are back in action.

Indeed, as recently as January, there were reports of malware attacks across North America with all the essential hallmarks of the Trickbot campaign, with Menlo Security stating: "The actions of Microsoft and its partners are commendable, and we are pleased to see that the Trickbot campaign is back on track, Although there has been a lull in Trickbot activity, it appears that the threat actors have sufficient motivation to resume their activities and cash in on the current threat environment.

And now a report from another security firm, Fortinet, claims that the group helped give birth to another ransomware called Diavol. BitDefender also reports that Trickbot's infrastructure is back up and running and appears to be preparing for a new wave of attacks.

So what exactly can we do to avoid falling victim to this type of ransomware? We know that updating Windows can be a hassle, but you can always get the latest security patches for known vulnerabilities by applying the latest security patches can be done.

There is also the fact that targeted ransomware attacks typically target large corporations, insurance companies, and law firms. The ransomware typically takes the form of an email informing the user that they have been caught in a traffic violation or other dubious activity, and prompting them to click on a link that provides evidence of the violation.

This link contains malicious Javascript, which, when connected to a compromised Trickbot server, automatically downloads malware onto the system, which can then be spread to other users on the network.

So, again, be really, really careful what you click on when someone emails you something. At the very least, it will be a bad joke or something that you will actually have to spend some time working on, but at worst, it could cost you a lot of money.