The deadly coronavirus is spreading across the globe, and social engineers are cashing in on the tragedy.
The global epidemic 2019 novel coronavirus (2019-nCov), which caused the cancellation of the Beijing Chinese New Year celebrations and has approximately 17,500 confirmed infections is making headlines across the world.
As is so often the case with global catastrophes and international tragedies, malicious actors are fast to dive on the bandwagon and try to make some fast cash out of the incident.
The outbreak of the Wuhan Coronavirus is no exception. Several phishing email variations have been spotted already in the UK and across the globe. Some claim to be from virologists, offering documented details on how to protect yourself from the virus, such as the example below.
Other emails claim to be from the US Centers for Disease Control and Prevention (CDC), also offering recipients a chance to learn about the deadly outbreak and how they can protect themselves, image below.
Unfortunately, in both cases, should the user click on the supposedly helpful link in the email, they’ll be taken to a fake website set up to steal their personal information. Some emails have also been reported to infect the victim’s machine with the Emotet Trojan, a rather sick irony.
In all cases, the strongest and most effective inoculation a user can receive from these malicious emails is knowledge and understanding of how to spot a phishing email.
The fastest and simplest route to this understanding is Security Awareness Training coupled with simulated phishing. Training your users to better understand phishing attacks is a sure fire way to help reduce the spread of this cyber-epidemic.