Security News > 2020 > March > Spear-Phishing Attack Lures Victims With ‘HIV Results’
Recently discovered spear-phishing emails are using a unique "Scare-factor" lure to convince victims to open attached malicious Microsoft Excel documents: Their HIV test results.
"But they should never lead us to fall victim to phishing campaign. Threat actors regularly use purported health information in their phishing lures because it evokes an emotional response that is particularly effective in tricking potential victims to open malicious attachments or click malicious links."
Victims received an email purporting to come from "Vanderbit [SIC] Medical," with the subject line "Test result of medical analysis." The body of the email encourages victims to open a malicious Microsoft Excel attachment titled "TestResults.xlsb," claiming that the recipient's HIV results are contained within it.
This most recent spear-phishing attack is a reflection of attackers continuing to use innovative lures to convince victims to click on malicious links or attachments.
If potential victims receive emails claiming to have sensitive health-related information, researchers said they should their medical provider's patient portal directly or call their doctor rather than open the email.
News URL
https://threatpost.com/spear-phishing-attack-lures-victims-with-hiv-results/153536/
Related news
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)