Security News > 2020 > February > Hackers imitating CDC, WHO with coronavirus phishing emails
Last week, IBM and Kaspersky caught hackers in Japan trying to spread malware through emails with links about the coronavirus outbreak that started in Wuhan, China, in January.
Now, Kaspersky and Sophos have found phishing emails from cybercriminals purporting to be from the Centers for Disease Control and Prevention and the World Health Organization that are attempts to steal email credentials and other information.
In a blog post, Kaspersky researcher Maria Vergelis explained that they found phishing emails coming from "Cdc-gov.org," instead of the CDC's real domain at cdc.
Kowsik Guruswamy, CTO of Menlo Security, said this new campaign shows that companies have to be proactive about training employees how to spot these kinds of emails and attacks, which will become more prevalent especially with major news events like the coronavirus.
Vergelis wrote that companies and regular people should expect to see many more emails like this as hackers realize how effective it is to exploit situations like coronavirus spread. "The coronavirus as a topic is heating up among malefactors of various kinds, so expect to see other malicious campaigns using the deadly virus as bait. Recently we've seen spam campaigns selling masks, which some perceive as the first line of defense against the virus," Vergelis added.
News URL
Related news
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails (source)
- Hackers exploit Roundcube webmail flaw to steal email, credentials (source)
- Beware of phishing emails delivering backdoored Linux VMs! (source)
- New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns (source)
- Phishing emails increasingly use SVG attachments to evade detection (source)