Editor, Get Cyber Resilient
User Name
Daniel McDermott
-
Daniel McDermott
Dan is a 20 year veteran of the ICT industry working for global and local vendors in bringing new and innovative technologies to market in the ANZ region. During his career, Dan has been passionate about bringing a local voice and insights to global technology challenges. As the Editor of GetCyberResilient.com Dan casts a keen eye across the hot topics, trends and pulse of local security practitioners to curate stories from near and far that are most impactful in addressing our evolving risks.
Related Articles
-
A love letter from your scammer
Read a love letter from a scammer and find out how they make people fall prey to their scam tactics.
-
This month in security: January 2020
Emotet comes back from the holidays, Jeff Bezos’s phone gets hacked, the NSA discovers a major Windows vulnerability and P&N Bank in WA suffers a data breach.
-
Smart devices need smarter security: Why consumer IoT is a major cybersecurity risk
As smart devices become part of our homes, the risks of unsecured devices are poised to spill over into the lives of our loved ones as well. Buyers beware.
How fake coronavirus warning emails are spreading malware across Australia
Content
With the outbreak of the coronavirus making headlines around the world, scammers are using the fear of the virus to trick people into installing malware onto their computers.
Attackers send unsuspecting victims an email with a warning that the coronavirus has been discovered in their neighbourhood, along with a fake attachment claiming to contain infection prevention advice. The fake attachment can be a word file, a video file or a PDF.
The fake attachment contains a variant of Emotet, a dangerous trojan that can steal banking details and other types of personal information. We’ve discussed Emotet and its capabilities before, and how it’s regarded as one of the most destructive types of malware out in the wild. Users who open the attachment are immediately infected with the trojan which often goes undetected by antivirus software.
Garret O’Hara, Mimecast’s Principal Technical Consultant, observes: “Attackers understand that it’s easier to exploit people in a climate of fear. A health scare like the coronavirus outbreak presents cybercriminals with a tempting opportunity to target people worried about their health.”
Since Emotet forwards itself to everyone on a victim’s contact list, more people will find seemingly legitimate emails coming from trusted sources, making them likely to open the attachments inside.
In October last year, the national Cyber Incident Management Arrangements (CIMA) increased the threat assessment of Emotet to "Level 3: Alert". Their designation of Level 3 falls under the "significant cyber incident" category, which can have a "major impact" on services, information, assets and government reputation. Since that time, Emotet had been downgraded to level 5, although it’s possible this could change in light of the latest coronavirus attacks.
Fortunately, keeping yourself protected is fairly straightforward: just avoid clicking suspicious links or attachments, even if they come from a trusted source. Keep your antivirus software updated and be sure to check the extension of the attached file before opening. Any attachments with unusual extensions like “.exe” or “.Ink” are likely to be fake and possibly dangerous.
Comments:0
Add comment