Although Trickbot survived the disruption by Microsoft, a new legal precedent was set. Microsoft successfully argued that Trickbot was using Windows code for malicious purposes and provided them a court order to disrupt the botnet. This should allow for more support in future attempts to takedown the malware. In the meantime, the best way to protect against phishing campaigns is training and awareness. Teaching employees how to spot a phishing email can be a great defense. Identifying suspicious URLs or email addresses or knowing when an attachment may be malicious can prevent an attack brought on by a phishing email. If email filtering is in place, defenders can block zip file attachments that contain JavaScript or VBScript files. Another useful preventative control to deploy is a group policy update to set the default program for handling .js and .vbs file extensions to Notepad or another text editor program, so that employees double-clicking a script file do not automatically execute it on their workstation. Multi-factor authentication also provides a strong barrier against phishing attacks because it requires an extra step for cyber criminals to overcome in order to conduct a successful attack. According to Microsoft, using multi-factor authentication blocks 99.9% of attempted account hacks. Companies should also utilize a service such as Binary Defense’s Managed Detection and Response service to monitor endpoints for any abnormal activity and identify attacks early before they can cause damage.