Security News > 2021 > June > Agent Tesla RAT Returns in COVID-19 Vax Phish
"Attached herewith is the revised circular," the malicious email reads.
"Since 50 percent of the malicious emails targeted South Korea, we can speculate that threat actors were closely monitoring local news about the vaccination campaign in the country and anticipated shipment of 14 million doses of coronavirus vaccine," the spokesperson said.
Howes added, "If nothing else, this email highlights the importance and role of security-awareness training for organizations coping with the increasing onslaught of malicious emails landing in employees' inboxes. Although an organization's antivirus program might catch the malicious attachment, the reality is that it might well fall to employees themselves to thwart this kind of attack."
"First, the 'from:' email address clearly indicates that this email is coming from outside the organization," he explained.
"Second, the email refers users to an 'attached link.' In fact, what is attached is not a link file or even an HTML web page, but a malicious Office document. Third, the email is a bit vague and confusing, referencing a circular that is not well-described and likely not familiar to recipients of the email."
"To remain safe in today's thread landscape, organizations must adopt a culture of security that integrates all areas of information security such as comprehensive patching that goes beyond just the base operating system as well as continuous end user security awareness training to spot and report suspected phishing emails."