A new phishing scam has been found which targets people’s fear of contracting the coronavirus, according to cybersecurity education platform KnowBe4.
The new scam is an email which warns people they have come into contact with a friend/colleague/family member who has been infected with the coronavirus. It then instructs them to download a malicious attachment and then immediately go to a hospital.
To look legitimate, the email appears to come from a real hospital.
The victim is asked to fill out an Excel form with their details; however, this is a macro-laden Office document which acts as a trojan downloader. This software is only detected by a handful of anti-virus software, KnowBe4 claims.
This malware has several advanced functions which enables it to evade detection of security applications.
KnowBe4 principal lab researcher Eric Howes said, “This is a new type of malware that we’re seeing, as it was reported for the first time just a few days ago.
“For the bad guys, this is a target-rich environment that prays on end users’ fears and heightened emotions during this pandemic. Employees need to be extra cautious when it comes to any emails related to COVID-19 and they need to be trained and educated to expect them, accurately identify them and handle them safely.”
There have been a number of criminals leveraging the coronavirus to trick victims. The FBI recently issued a warning to the public to be careful of these types of scams, which are pretending to be healthcare providers.
Copyright © 2018 RegTech Analyst