There is a secret cure for the Wuhan coronavirus, but the government won't let you use it! Click here to read more
If you fell for this, you may fall for similar phishing emails promising details of this supposed plot against humanity or offering tips on how to prevent contracting the disease.
The thing is, in order to read that important information, you need to provide credentials for your personal or work email account or open a document that infects you with particularly nasty malware that steals your passwords or completely takes over your computer.
Proofpoint researchers posted examples of these criminal scams in a blog post yesterday (February 13). [Sherrod DeGrippo of Proofpoint wrote, "These latest examples are a reminder that users should act with caution and exercise caution with regard to emails and websites featuring the Coronavirus."
The best antivirus software should stop malware, but it may not stop phishing attacks, which rely on human rather than digital vulnerabilities. The only way to stop a phishing attack is to ask yourself why a random site would want your account credentials, and check the URL of each page to make sure you're actually where you're supposed to be.
"The world has struggled to contain this deadly virus developed and disseminated by evil scientists to reduce the world's population and allow governments to control you. Our secret team of medical scientists has developed a cure. If you are interested in saving your own life, please reply and get more information about shipping and delivery to you."
[12The email presents a link to "free health guidelines" and directs the victim to a website that asks for the victim's DocuSign username and password. since DocuSign is used by businesses, PayPal, and the US Internal Revenue Service to authenticate documents, these authentication information is of great value to thieves.
Some other emails understate the conspiracy theory, but still pose as coming from some authority, such as the World Health Organization, a (fake) Australian government agency, or a company president, and provide security tips in attachments and included web links.
The president's email contains a Microsoft Word file that links to a phishing site that asks for credentials for the corporate network; the WHO email has a "CoronaVirus Safety" attachment, actually a keylogger, captures everything you type and sends it to the attacker. The Australian email directs the user to another phishing site that requests Adobe Creative Cloud account information.
Proofpoint's last example is the worst. This email also poses as an email from a company leader and offers tips about the safety of the Corona virus, but it does not simply attempt to steal account credentials. Instead, opening the attachment installs a remote-access Trojan called NanoCore RAT, which gives a distant attacker complete control over your PC.
Comments