Editor, Get Cyber Resilient
User Name
Daniel McDermott
-
Daniel McDermott
Dan is a 20 year veteran of the ICT industry working for global and local vendors in bringing new and innovative technologies to market in the ANZ region. During his career, Dan has been passionate about bringing a local voice and insights to global technology challenges. As the Editor of GetCyberResilient.com Dan casts a keen eye across the hot topics, trends and pulse of local security practitioners to curate stories from near and far that are most impactful in addressing our evolving risks.
Related Articles
-
Brace yourselves: Tax scams are coming
Tax season is here, and the number of tax scams is growing every day. It can be a little inconvenient, but taking a few precautions can greatly improve your chances of protecting yourself from tax scams.
-
This month in security: June 2020
Australian government and businesses hit by a series of malicious cyber events, CrowdStrike’s survey reveals the risks facing the remote workforce during COVID-19, beverages giant Lion, Fisher and Paykel and Honda blindsided by cyberattacks, while CBA uncovers abusive messages hidden in digital transactions.
-
Alert the humans: scammers are relying on your people to screw up
As organisations strive to comply with stricter data confidentiality laws, tackling human error can be one of the most important security measures any company can take.
How fake coronavirus warning emails are spreading malware across Australia
Content
With the outbreak of the coronavirus making headlines around the world, scammers are using the fear of the virus to trick people into installing malware onto their computers.
Attackers send unsuspecting victims an email with a warning that the coronavirus has been discovered in their neighbourhood, along with a fake attachment claiming to contain infection prevention advice. The fake attachment can be a word file, a video file or a PDF.
The fake attachment contains a variant of Emotet, a dangerous trojan that can steal banking details and other types of personal information. We’ve discussed Emotet and its capabilities before, and how it’s regarded as one of the most destructive types of malware out in the wild. Users who open the attachment are immediately infected with the trojan which often goes undetected by antivirus software.
Garret O’Hara, Mimecast’s Principal Technical Consultant, observes: “Attackers understand that it’s easier to exploit people in a climate of fear. A health scare like the coronavirus outbreak presents cybercriminals with a tempting opportunity to target people worried about their health.”
Since Emotet forwards itself to everyone on a victim’s contact list, more people will find seemingly legitimate emails coming from trusted sources, making them likely to open the attachments inside.
In October last year, the national Cyber Incident Management Arrangements (CIMA) increased the threat assessment of Emotet to "Level 3: Alert". Their designation of Level 3 falls under the "significant cyber incident" category, which can have a "major impact" on services, information, assets and government reputation. Since that time, Emotet had been downgraded to level 5, although it’s possible this could change in light of the latest coronavirus attacks.
Fortunately, keeping yourself protected is fairly straightforward: just avoid clicking suspicious links or attachments, even if they come from a trusted source. Keep your antivirus software updated and be sure to check the extension of the attached file before opening. Any attachments with unusual extensions like “.exe” or “.Ink” are likely to be fake and possibly dangerous.
Comments:0
Add comment