Security News
Knowing the topic is critical for many, spammers are sending phishing emails with malicious attachments masquerading as instructions around the coronavirus. These coronavirus-themed phishing emails could affect businesses due to China's role in the world economy, according to OneSpan.
Several cybersecurity companies have spotted campaigns that use coronavirus-themed emails to deliver malware, phishing attempts and scams. The malicious emails warn potential victims about the impact of the coronavirus on the shipping industry.
As fears about the coronavirus continue to spread, cybercriminals are using the health crisis to send phishing emails using a variety of tactics to a broader range of targets. In late January, IBM X-Force researchers discovered a first wave of phishing scams that targeted some regions in Japan to spread the Emotet Trojan, as well as other malware, by using malicious messages that appear to contain information about coronavirus.
Hackers are using malicious emails about the coronavirus to trick people with a malware called AZORult. Hackers used emails about ways to prevent coronavirus contraction in Japan as a way to spread Emotet malware to unsuspecting victims while others sent out fake emails from the World Health Organization or Centers for Disease Control and Prevention to trick people into giving away their email account passwords.
Last week, IBM and Kaspersky caught hackers in Japan trying to spread malware through emails with links about the coronavirus outbreak that started in Wuhan, China, in January. Now, Kaspersky and Sophos have found phishing emails from cybercriminals purporting to be from the Centers for Disease Control and Prevention and the World Health Organization that are attempts to steal email credentials and other information.
The latest example of the latter are fake emails purportedly coming from the World Health Organisation, which is, ironically, engeaged in fighting an "Infodemic" of fake coronavirs-themed news online. It also shows a simple pop-up asking the potential victim to "Verify" their email by entering their email address and password.
How that number grows or shrinks will dictate how business continuity leaders must respond. "If we continue on a 2 percent fatality rate, or it drops even lower, I think we will not see a major impact on business," says Phelps, founder of Emergency Management & Safety Solutions.
Sadly, cybercrooks love a crisis, because it gives them a believable reason to contact you with a phishing scam. Of course, if you put in your email address or your password and click through, you'll be submitting the filled-in web form to the crooks.
The Wuhan coronavirus continues to spread and create anxiety across the globe, allowing malicious individuals and groups to exploit the situation to spread fake news, malware and phishing emails. IBM X-Force says that Japanese users have been receiving fake notifications about the coronavirus spreading in several prefectures, purportedly sent by a disability welfare service provider and a public health center.
Hackers are using global fears about the spread of the virus to target people in Japan with the Emotet trojan, a popular strain of malware that has been devastatingly effective at attacking governments and financial institutions. Threat researchers with Kaspersky identified other attempts to spread Emotet using the coronavirus scare as a way to get people to open emails or files and share them.