Phishing Scams Aim to Exploit Coronavirus Fears

Cyber criminals are taking advantage of fears over coronavirus by conducting phishing attacks and spreading malware and trickbots , which could lead to ransomware by sealing credentials and personal information.  These thieves exploit concerns about the COVID-19 outbreak for their own criminal means.

Researchers at Sophos, reported on a phishing scam were criminals took a victim to a reproduction of the website for the World Health Organization (WHO).  On the fake site a popup asked for an email address and out of habit users provided this information.  The criminals then use the information to set up a campaign to send phishing emails to the victims’ company and friends.

Because the email appears to be from a reliable co-worker an email attachment is opened, and a trickbot trojan is installed.  The trickbot then scans the network to identify targets and when enough information has been gathered by infected computers ransomware is downloaded.  In this attack not only does it steal personal data and credentials including passwords, browser data, registry keys and more but the ransomware encrypts their machine and ransoms the data for payment.

designDATA has partnered with KnowBe4 to help our clients train their staff to make smarter security decisions.  KnowBe4 is the world’s most popular integrated platform for security awareness training.  Please contact your designDATA program manager for more details on this security tool to help keep your company from becoming a victim.