Continuing phishing drives use the fresh coronavirus epidemic as lure in attacks targeting persons from the United States and the United Kingdom, mimicking the US CDC and virologists, warning of new contagion cases in their area, and providing ‘safety measures.’
The international scale health catastrophe caused by infections with the new 2019 novel coronavirus is abused by the attackers for their own malevolent purposes.
As per the World Health Organization (WHO), that the 2019 novel coronavirus epidemic is a public health scare of global fear, while U.S. Health and Human Services Secretary Alex M. Azar on Friday also declared it a “public health emergency for the entire United States.”
In the phishing movement highlighted by investigators at phishing replication and security cognizance training outfit KnowBe4, the hackers promise to offer a list of active contagions in the nearby area to fake their potential victims into clicking a link entrenched in the message and leading to a credential phishing page.
In a sample phishing email, the hackers try to pass their spam as an official alert message circulated via the CDC Health Alert Network. The targets are then apprised that the “CDC has established an Incident Management System to coordinate a domestic and international public health response.”
“You are immediately advised to go through the cases above for safety hazard,” the cyberthieves add, trying to encourage a sense of earnestness that would fake the target into acting on nature and not think about the possible hazards ahead.
The link is cloaked as a connection to the official CDC website and it is used to readdress the victims to an attacker-controlled and Outlook-themed phishing landing page used for gathering and thieving user credentials.
The coronavirus epidemic is also used as lure by an active malspam movement distributing Emotet payloads via emails that aware of coronavirus infection reports in numerous Japanese prefectures, including Gifu, Osaka, and Tottori.
Just as the actors behind the phishing movements marked by Mimecast, the Emotet mob is also recognized for benefiting from trending currents events and imminent holidays.
They benefit from such instances to send out targeted custom templates to their victims, as was the case before a Greta Thunberg Demonstration or when the 2019 Christmas and Halloween parties were closing in.