HKCert
Security Blog

Watch out for Phishing Attacks Using False Information on Infectious Disease

Release Date: 04 / 02 / 2020
Last Update: 04 / 02 / 2020

When many countries are doing their best to combat the novel coronavirus, cyber security researchers have found that hacker groups have been preying on the fears of human to launch a new round of malicious spam (malspam) attacks to spread the Emotet trojan.

 

According to researchers’ observations, hackers would pose as a disability welfare service provider and send an email attached with an "infection report" alike document embedded with malicious script to their potential victims [1]. Once the recipient opens the infected document and executes the script, it will automatically download the payload and install a trojan to the victim's personal information [2]. Researchers also found that hackers have used similar methods to send malicious documents in the name of epidemic information to victims in different file formats, including PDF, MP4, DOC, etc [3].

 

HKCERT noted the attacks are targeting Japan for the time being, but it is very likely that similar attacks will target other areas affected by the novel coronavirus including Hong Kong! Therefore, HKCERT urges everyone to stay vigilant at all times.

 

Security Recommendations: 

 

1. Install anti-malware software and keep it up to date;
2. Do not click or open links in unsolicited messages in email, instant messaging and social media;
3. Verify the sender before clicking any links, opening any attachments or providing any information.
4. Order masks or personal cleaning products from reputable supplier websites only.
5. Do not spread unsolicited information.

 

Reference Link: 


[1]     https://exchange.xforce.ibmcloud.com/collection/18f373debc38779065a26f1958dc260b

[2]     https://www.bleepingcomputer.com/news/security/emotet-uses-coronavirus-scare-to-infect-japanese-targets/

[3]     https://threatpost.com/coronavirus-propagate-emotet/152404/