As the COVID-19 coronavirus spreads across the world, so are COVID-19 email scams and malware!
Tatyana Shcherbakova tells us what she and her team discovered!
Warning : COVID-19 Email Scams Are Spreading!
As the COVID-19 coronavirus spreads, fake information is being created and distributed at a very high rate, confusing people all over the world.
Cybercriminals are taking advantage of the confusion, creating various email scams, with some realistic ones pretending to be from the WHO.
Tatyana Shcherbakova, a senior web content analyst, details how her team looked at the COVID-19 email scams, and came across the realistic ones from WHO…
WHO Is Warning You? These Are COVID-19 Email Scams!
At first, we found emails offering products such as masks, and then the topic became more commonly used in Nigerian spam emails. We also found scam emails with phishing links and malicious attachments.
One of the latest spam campaigns mimics the World Health Organization (WHO), showing how cybercriminals recognize and are capitalizing on the important role WHO has in providing trustworthy information about the coronavirus.
Users receive emails allegedly from WHO, which supposedly offer information about safety measures to be taken to avoid a COVID-19 infection.
Once a user clicks on the link embedded in the email, they are redirected to a phishing website and prompted to share personal information, which ends up in the hands of cybercriminals.
This scam looks more realistic than other examples we have seen lately, such as alleged donations from the World Bank or IMF for anyone who needs a loan.
In order to stay safe, we advise users to carefully study the content of the emails they receive and only trust reliable sources.
If you are promised a vaccine for the virus or some magic protective measures, or content of the email is making you worried, it has most likely come from cybercriminals.
This is especially true if the sender suggests clicking on a link and sharing your personal data or opening an attachment.
You should not donate any real money or trust information with promises to help those affected by the virus, even if the email comes from someone who introduces themselves as an employee of a trusted organization.
Finally, double check the email address, as scammers often use free email services or addresses that have no relation to the organization mentioned.
Malware Masked As COVID-19 Coronavirus Documents!
They also found malicious files disguised as documents related to the COVID-19 coronavirus. The malicious files were masked under the guise of pdf, mp4 and docx files about the COVID-19 coronavirus.
The names of files imply that they contain video instructions on how to protect yourself from the virus, updates on the threat and even virus detection procedures, which is not actually the case.
In fact, these files contained a range of threats, from Trojans to worms, which are capable of destroying, blocking, modifying or copying data, as well as interfering with the operation of computers or computer networks.
Some malicious files are spread via email. For example, an Excel file distributed via email under the guise of a list of coronavirus victims allegedly sent from the World Health Organization (WHO) was in fact a Trojan-Downloader, which secretly downloads and installs another malicious file.
This second file was a Trojan-Spy designed to gather various data, including passwords, from the infected device and send it to the attacker.
COVID-19 Email Scams + Malware : How To Avoid
As governments and businesses are forced by the COVID-19 coronavirus to encourage their employees to work from home, it is critical that they employ these cybersecurity practices to reduce risk of falling for phishing attacks, or malware :
- Provide a VPN for staff to connect securely to the corporate network
- All corporate devices – including mobiles and laptops – should be protected with security software
- The operating system and apps should be updated with the latest patches
- Restrict the access rights of people connecting to the corporate network
- Ensure that the staff are aware of the dangers of unsolicited messages
Recommended Reading
- TÜV AUSTRIA Cybersecurity Lab Official Launch In Malaysia!
- TikTok Finally Bans Deadly Skull Breaker Challenge!
- Microsoft : Cybersecurity Trends + How To Stay Safe In 2020!
- 2020 Microsoft Digital Civility Index : Some Surprises!
- Malware Alert : How Shopper Takes Over Android Phones!
- Operation Goldfish Alpha : INTERPOL Tackles Cryptojacking!
- Kaspresso : FREE Android App Testing Tool Released!
- Dell Forecasts The Future of Connected Living In 2030!
- WizardOpium Exploit : Update Google Chrome ASAP!
- How AMD CPUs Work In A Secured-core PC Device!
- The Microsoft Secured-core PC Initiative Explained!
- Acronis True Image 2020 – Everything You Need To Know!
- Jeff Clarke : Tech Predictions For 2020 + Next Data Decade!
- Dell EMC PowerProtect DD for Multi-Cloud Data Protection
- Progress Made Real : The New Dell Social Impact 2030 Vision!
- The Dell 2020 Legacy Of Good Final Report Summarised!
- How Dell Unified Workspace Simplifies IT Management!
- ADVA Ensemble Now Available On Dell EMC VEP!
- How 5G Will Change Our Lives + Future!
- Dell Technologies World 2019 : More Videos + Announcements
- Pat Gelsinger Reveals 2019 VMware Strategy + Plans!
- The 2019 Dell EMC Unity XT + PowerProtect Primer!
- Here Is Everything Dell Announced At Computex 2019!
- The Human-Machine Partnership by Erik Brynjolfsson + Rana el Kaliouby
- The 2019 Microsoft – Dell Partnership : All You Need To Know!
- VMware Cloud on Dell EMC – Delivered By Dell, Managed By VMware!
- Dell Technologies Cloud Primer – Simpler, Better Hybrid Cloud!
Go Back To > Cybersecurity | Business | Home
Support Tech ARP!
If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!