Pandemic Themed Malware Spreading Through Phishing Emails

 

As the world continues to battle the pandemic for close to two years, it seems that the virus also continues to bring growing concerns in every home and field.

Today, in the Tech world, cybercriminals are preying on the global fears and misconceptions surrounding the virus. Using sophisticated pandemic-themed phishing emails to launch some of the most successful phishing campaigns ever witnessed.

“Since January 2020, there have been over 4,000 coronavirus-related domains registered globally’’ Meanwhile, these domains are 50% more likely to be malicious than other domains, researchers added — Check Point researchers

In fact, the European Central Bank also issued a letter warning financial institutions about increases in pandemic-themed phishing and other related cybercrimes.

To protect yourself and your staff from these phishing scams, we advise you to share this piece with your colleagues and everyone at your organization.

 

How to Spot These Pandemic-Themed Phishing Emails?

 

Hackers and threat actors are continuously updating and adjusting their sly messaging in line with the global response and virus/ vaccine developments.

That’s why you not only need to be aware of the following phishing scams but also consider them a guiding reference to what you should be looking out for as you go.

SEE: The 5 Tell-Tale Signs of a Phishing Email

 

The 5 Most Prominent Pandemic-Themed Phishing Emails Making The Rounds Now

 

1. Emails Impersonating or Spoofing World Health Organization (WHO)

These emails typically contain a malicious attachment or link labeled things like ‘Virus Precautions’ or ‘Donate to Pandemic Response Plan’.

Once you click on the link or download the attachment, it then infects your system with Malware.

WHO has stated that it will NEVER ask for direct donations to emergency response plans via email, separate websites, calls or texts.

 

WHO instead advises you to:

A. Verify the sender by checking their email address
B. Checking any links before clicking
C. Don’t provide any personal information
D. Report any scams you see to their attorney general office

 

2. Fake Test Results 

 

These emails are targeting various companies in the healthcare, pharmaceutical and insurance industries. They carry a malicious attachment labelled ‘test results’ which infects your system with malware.

Attackers are then able to run programs and access your data, including sensitive personal and financial information.

As threat actors keep changing things, you’d want to stay alert to similar emails that might arouse suspicion. Remember, ALWAYS double-check the sender.

 

3. Emails Promoting Fake Pandemic vaccines or cures

 

If a new vaccine or cure is found, trust me, you’re going to hear about it from a legitimate news source first.

Anything other than that is simply bogus.

Remember, with great panic comes great conspiracy theories. However, when a conspiracy theory is delivered straight to your email inbox, it’s rather a scam out to get YOU.

 

4. Emails Impersonating your HR Department or Executives

 

In line with the growing need for employees to work from home, employees are receiving phishing emails impersonating their HR departments or executives.

Such emails typically ask you to sign into DocuSign or Microsoft Word, which then steals your credentials, according to Buzzfeed News.

Before opening any suspicious or unrequested email from your HR department, double-check the sender.

You may need to directly contact your HR department via a trusted email you’ve been using (or via telephone, if possible) to confirm the legitimacy of the email you received.

 

5. Geo-Targeted Emails From your Ministry of Health or CDC

 

MalwareHunterTeam discovered another type of pandemic-themed phishing email impersonating the Center for Public Health of the Ministry of Health of Ukraine.

These emails embed a three-page pandemic-themed Microsoft Office document about the Coronavirus.

According to  MalwareHunterTeam, the document contains malicious macros that can drop a backdoor with capabilities such as clipboard stealing, keylogging, and the ability to take screenshots from a victim’s computer.

With that, you’ll want to watch out for any suspicious emails from your Ministry of Health or any healthcare bodies in your region.

 

How to Address Pandemic-Themed Phishing Emails :

 

1. Phishing Awareness is the best weapon to protect yourself and your company from the danger of phishing emails. Make sure you’re aware of the current phishing trends and raise your employees’ awareness on how to best deal with them.

 

2. Anti-phishing Tools like GAT can help save your domain if any users ever fall for these emails.

While GAT+ won’t stop spam or phishing emails from going into your users’ mailboxes, if one gets in, it enables Admins to instantly remove it from every account on your Google Workspace domain, preventing further damage.

Learn more about how GAT can help your Google Workspace Users work better and safer remotely here.