Hackers are not letting the coronavirus crisis go to waste.
As the pandemic raises anxiety levels, cybersecurity firms are seeing a flurry of online attacks exploiting fears around the virus to gain access to data and accounts. The aims range from stealing money and identities to corporate and state espionage.
According to a report by Recorded Future, a threat intelligence firm, cybercriminals are setting up fake websites and sending out fake emails using the logos and branding of the United Nations World Health Organization (WHO) and the U.S. Centers for Disease Control and Prevention (CDC), as well as national health ministries and authorities.
In Italy, Europes worst-hit country, people received emails titled “Coronavirus: informazioni importanti su precauzioni” and seemingly sent by an employee at the WHO in Italy. The emails had a Word document attached containing a banking Trojan called Trickbot, which is designed to steal confidential information, according to the report.
“Be especially wary of any email or other communication purporting to come from the CDC or WHO, even if it appears to come from a legitimate address on the official domains,” Recorded Future said.
U.S.-based cybersecurity firm FireEye found further examples of hacks exploiting virus fears.
Malicious software had been buried in statement about the outbreak attributed to Vietnamese Prime Minister Nguyen Xuan Phuc; in Microsoft Word documents containing medical information; and in documents titled “COVID-19-FAQ” attached to aRead More – Source
