Security News > 2020 > May > Phishing attack spoofs World Health Organization to steal email credentials
One group that's been exploited in many of these campaigns is the World Health Organization, a tempting target as it's been trying to manage and direct some of the global efforts toward combatting COVID-19.
Spoofing the WHO, a new phishing campaign spotted by security provider Abnormal Security is trying to capture the email credentials of unsuspecting users.
Displaying the WHO's familiar logo, the email states that the World Health Organization has sent you a message, inviting you to click a link for Open Message.
"This attack is targeted at people in general, and they appear to be trying to trick recipients into entering their real email credentials and phone number," Ken Liao, vice president of cybersecurity strategy for Abnormal Security, told TechRepublic.
"The attack doesn't specify which email credentials, so we're only making educated guesses at this point, but suspect that attackers have seen enough users enter that information to launch this attack as a campaign."
News URL
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Phishing Emails Targeting Australian Firms Rise by 30% in 2024 (source)
- Clone2Leak attacks exploit Git flaws to steal credentials (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- Beware: PayPal "New Address" feature abused to send phishing emails (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)