A new phishing scam is in circulation which pretends to be from a local hospital and informs recipients that they have been exposed to the coronavirus.
The uncertainty of the current COVID-19 crisis has provided an opportunity for cybercriminals to take advantage whilst our attention has been elsewhere. In recent weeks, the public has been targeted with a range of coronavirus phishing scams which promise information about the global pandemic.
In a new low, fraudsters have issued a phishing campaign which appears to be from a local hospital, explaining that the recipient has been in contact with an individual who has tested positive for COVID-19.
The email then instructs the recipient to print the attached EmergencyContact.xlsm file and bring it with them to the nearest emergency clinic for testing. When a user opens the attachment, they will be prompted to ‘Enable Content’ to view the protected document, which then launches malicious macros and downloads malware onto the recipient’s computer.
The malware proceeds to work quietly in the background whilst it searches for cryptocurrency wallets, steals web browser cookies, gets a list of programs running on the computer, looks for open shares on the network, accesses local IP address information, and completes other harmful actions unknown to the victim.
Like many common phishing scams the email aims to provoke a sense of urgency, and encourages the recipient to act quickly. It has also been carefully written, avoiding spelling and grammatical errors which is often a common trait of phishing campaigns.
As COVID-19 fears grow, hundreds of Coronavirus themed domains are being used to spread malware and steal information. The National Fraud Intelligence Bureau (NFIB) has reported a 400% increase in scams as a result of coronavirus-related fraud. With these numbers expected to rise in the coming months as the virus continues to spread, there are a number of ways to stay safe from coronavirus phishing scams.
How to Stay Safe from Coronavirus Phishing Scams
- Never click on links or download attachments from unknown sources.
- Always take time to think about a request for your personal information, and whether the request is appropriate.
- Seek information from trusted sources.
- Pay close attention to the spelling of an email or web address, if there are any inconsistencies, delete immediately.
- Ignore and delete emails with poor grammar and formatting.
- Question the validity of any email that asks you to submit personal or financial information.
- Ignore emails or text messages that are threatening or urgent in tone.
- Install the latest anti-virus software solutions on all your devices.
- Use strong passwords to reduce the chance of devices being hacked.
- Consider the use of a password manager to maintain the security of multiple accounts.
Free Coronavirus Awareness Assets
In this time of uncertainty, MetaCompliance is committed to supporting organisations mitigate the risk of cyber threats.
To help communicate good cyber hygiene and vigilance, we have created a bank of free digital assets, which you can use to support your communications during this challenging time.
Click here to access your free awareness assets.