Security News > 2020 > May > Phishing attack spoofs World Health Organization to steal email credentials
One group that's been exploited in many of these campaigns is the World Health Organization, a tempting target as it's been trying to manage and direct some of the global efforts toward combatting COVID-19.
Spoofing the WHO, a new phishing campaign spotted by security provider Abnormal Security is trying to capture the email credentials of unsuspecting users.
Displaying the WHO's familiar logo, the email states that the World Health Organization has sent you a message, inviting you to click a link for Open Message.
"This attack is targeted at people in general, and they appear to be trying to trick recipients into entering their real email credentials and phone number," Ken Liao, vice president of cybersecurity strategy for Abnormal Security, told TechRepublic.
"The attack doesn't specify which email credentials, so we're only making educated guesses at this point, but suspect that attackers have seen enough users enter that information to launch this attack as a campaign."
News URL
Related news
- Google now blocks spoofed emails for better phishing protection (source)
- TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer (source)
- Roku warns 576,000 accounts hacked in new credential stuffing attacks (source)
- FBI warns of massive wave of road toll SMS phishing attacks (source)
- FIN7 targets American automaker’s IT staff in phishing attacks (source)
- AI set to play key role in future phishing attacks (source)
- LA County Health Services: Patients' data exposed in phishing attack (source)
- LA County Health Services: Patients' data exposed in phishing attack (source)
- Okta warns of "unprecedented" credential stuffing attacks on customers (source)
- Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks (source)