�
PREDICTIVE
INTELLIGENCE
While phishing emails leveraging
Coronavirus are new, the same
precautions for email security
still apply.
AzorUlt, which is being distributed from
a phishing site claiming to be a map of
the outbreaks, and TrickBot, which is
circulating among Italian phishing emails.
Credential theft
In addition to widespread credential
harvesting from information-stealing
malware, phishing attacks with links
to spoofed login pages are also using
Coronavirus COVID-19 as a lure. One
such variant that Barracuda systems
detected claims to be from the CDC
and attempts to steal Microsoft
Exchange credentials when the
malicious link is clicked.
A wide variety of email login pages
are commonly spoofed by attackers,
targeting the email portal which users
are accustomed to, when this mail server
information can be scraped by attackers.
Other login pages are more generic
or offer multiple options for provider
– spoofing each provider login page.
Attackers are simply changing to the
existing credential phishing email
premise to capitalise on Coronavirus.
How to protect yourself
While phishing emails leveraging
Coronavirus are new, the same
precautions for email security still apply.
Be wary of any emails attempting to
get users to open attachments or click
links. Anti-malware and anti-phishing
solutions can be especially helpful to
prevent malicious emails and payloads
from reaching intended recipients but
even with such protections in place,
caution should always be used since no
solution catches everything.
Watch out for any communication
claiming to be from sources that you
normally would not receive emails
from. These are likely phishing attempts.
While receiving Coronavirus-related
emails from legitimate distribution
lists to which you belong is becoming
common, emails from organisations that
you do not regularly receive messages
from should be scrutinised closely.
For example, the CDC is not going to
be sending out emails to anyone who
doesn’t regularly receive emails from
them already.
Use caution with emails from
organisations you regularly
communicate with. Brand
impersonation is quite prevalent in
Coronavirus-related email attacks,
so use caution opening emails from
organisations you expect to hear
from. This is especially true for those
in the healthcare industry, since it is
being targeted by cyberattacks trying
to capitalise on the pressure
resulting from handling an influx of
Coronavirus cases.
Find credible charities and donate
directly. A common tactic for
Coronavirus-related scams is asking
for donations to help those affected by
the pandemic. To avoid falling victim to
one of these attacks, don’t respond to
email requests for donations. Instead,
find credible charities helping with
Coronavirus efforts and donate directly
through them to help ensure that funds
end up where they can do good rather
than in the hands of scammers. It’s
also highly unlikely that any legitimate
charities are taking donations through
Bitcoin wallets, so seeing that in an email
should be a red flag. u
www.intelligentciso.com | Issue 26
35