Coronavirus has become a global health concern, so much so that even the World Health Organisation declared a global health emergency. The virus outbreak without a cure has claimed more than 250 lives and over 12,000 confirmed cases. While most cases are registered in China, Coronavirus is slowly spreading to other countries around the world.
Coronavirus has struck fear in people, forcing them to read up on the disease, its symptoms, prevention and treatment options. Coronavirus awareness is being taken extremely seriously and being spread diligently by govt. bodies, health organisations, hospitals, and more. While the intentions are mostly good behind the awareness efforts, hackers are leveraging the fear to their advantage.
Cybercriminals are known to prey on people's fears to get what they want. In most cases, this trick works for them in successfully executing a remote attack by infecting devices. As Coronavirus spreads, hackers are sending out emails claiming to offer information on how to protect against the deadly virus. But there's just one problem.
The emails redirect readers to open an attachment, which then brings up an Emoten Office 265 document template and asks for permission to "enable content" to view everything. This is how hackers are infecting machines, including PCs and phones. Currently, the malware is targeted towards the Japanese audience, but it could be available in other languages, too.
"This new approach to delivering Emotet may be significantly more successful, due to the wide impact of the coronavirus and the fear of infection surrounding it. We expect to see more malicious email traffic based on the coronavirus in the future, as the infection spreads. This will probably include other languages too," IBM Security said in its report.
To add a touch of authenticity, the emails appear to come from a disability welfare service provider in Japan and hackers are using different tactics to scare people just so they open the document. Once infected, the malware can "harvest user credentials, browser history, and sensitive documents that will be packed and sent to attacker-controlled storage servers."
In addition to stealing sensitive information, the infected machine can be used to send malicious spam messages to other targets, hence multiplying the reach of the malware.
How to safeguard yourself?
The standard spam and phishing vigilance is applied here. Do not open emails coming from unknown senders and never open attached files or click on suspicious links. The best way to read up on Coronavirus is to simply do a web search on Google or check with your local hospital. Google has also launched SOS Alert for searches related to Coronavirus.
In India, there's a 24x7 helpline for any assistance related to Coronavirus. People who suspect of being infected can call 011-23978046 to get assistance on screening and treatment options.