HACKERS are taking advantage of the current Wuhan coronavirus issues to send phishing e-mails that exploit the epidemic.
According to Internet security company Kaspersky in its blog, the perpetrators are phishing with the coronavirus for e-mail credentials by sending out emails that appear to come from the Centers for Disease Control and Prevention, which is a real organisation in the US.
Besides that, the e-mails also said to come from a convincing domain like cdc-gov.org, whereas the CDC’s real domain is cdc.gov
A user who doesn't pay careful attention isn’t likely to notice the difference.
According to the blog, the letters claim that the CDC has “established a management system to coordinate a domestic and international public health response” and urge recipients to open a page that allegedly contains information about new cases of infection around their city. The link appears to point to the legitimate CDC website: cdc.gov.
To make it look more convincing to people, the website looks similar to Microsoft Outlook’s interface, and requests an e-mail login and password.
Kaspersky said the website has nothing to do with Outlook. It’s just a page crooks built to steal e-mail credentials.
"It won’t log you in anywhere, but it will forward your login and password to the criminals, who will later use them to access your e-mail account and look for anything worth stealing in there," it said.
As anything on coronavirus will raise attention today, people can expect to see other malicious campaigns using the deadly virus as bait.
For example, there are spam campaigns selling masks, which some perceive as the first line of defence against the virus.
Another example Kaspersky encountered recently was another phishing e-mail that also appeared to be sent from the CDC, this time from a different — but still fake — address: cdcgov.org.
The email urged recipients to donate Bitcoin to fund coronavirus vaccine research. However, the real CDC does not accept Bitcoin, and it is not asking for donations.
Detecting coronavirus phishing emails
The Kaspersky blog says people, to avoid getting hooked, need pay attention to details. There are three things that should raise red flags:
1. The e-mail address of the sender. If it ends with cdc-gov.org instead of cdc.gov, the e-mail is phishing.
2. The actual URL of the link. If you hover over the link without clicking on it, you’ll see that the real address it leads to is different than the link description. It won’t really bring you to cdc.gov.
3. The design of the phishing page. The official Microsoft Outlook website actually looks completely different. No website other than Microsoft’s should ask for your Outlook credentials. If you see such a request, know that it’s phishing and ignore it.