As if the fear of the Coronavirus outbreak weren’t enough to have the world on edge, there’s a new way that the virus is impacting humans: through email cyber-attacks.
The method of contamination takes a trusted name, the World Health Organization, and uses it to falsely disperse information about the virus, and in reality, disperses malware in the form of the “AgentTesla Keylogger”.
To accomplish this, hackers have their own email campaign running in an attempt to feed on public fear. The campaign centers around a Coronavirus conspiracy theory and indicates that the email contains information about unknown cures. When an individual clicks on the attachment contained in the email, they are unknowingly accepting the malware. One particular campaign goes as far as deploying a DocuSign page where users enter personal information in the hopes of being sent additional information on the “cure”. A second method is using a Microsoft Word attachment to redirect users to a fake Microsoft Office website where the World Health Organization name appears to give additional credibility. From here, more information is input by the user.
While the AgentTesla Keylogger is one virus deployed, there are multiple others. These work to obtain users’ personal and financial information via input from the users themselves. A keylogger tracks all input from the unsuspecting user, and basically gives away every bit of information that the individual enters into their computer moving forward.
The U.S. Centers for Disease Control and Prevention does indicate that the risk for the general American public is low in regard to the Coronavirus. However, they continue to monitor the situation, just as you should continue to monitor on your own when it comes to your business becoming infected.
Be on high alert if you receive an email with information about the virus and pause before clicking or providing personal or business information. Even the simplest of intentions can lead to a much larger “outbreak” for an organization.