Experts are warning of a new phishing campaign capitalising on fears of the global health emergency, Coronavirus.
On Thursday, the Coronavirus was classified as a global emergency by the World Health Organisation (WHO). Unfortunately, cyber criminals are now preying on people’s fear by launching a new phishing campaign.
Security researchers at Mimecast detected the campaign, to which the phishing emails are titled “Singapore Specialist: Corona Virus Safety Measures.”
The email advises the recipient to “go through the attached document on safety measures” in regards to the spreading of Coronavirus and requests the user to click on the button to download the attachment.
Once the user clicks the button, they are redirected to a fake page which is the current home page of WHO, but with a popup form on top. A user may choose to enter their details and unknowingly provide cyber criminals their personal details. Once the form is submitted, users are then redirected to the real WHO website.
“The sole intention of these threat actors is to play on the public’s genuine fear to increase the likelihood of users clicking on an attachment or link delivered in a malicious communication, to cause infection, or for monetary gain,” explained Francis Gaffney, director of threat intelligence at Mimecast.
Gaffney added: “I urge everyone to be vigilant at this time in relation to any emails or electronic communications purporting to be in relation to the support of those affected by the coronavirus.”