A new malspam campaign is being conducted that is pretending to be from the Centers for Disease Control and Prevention (CDC) about a new Flu pandemic. Attached to the emails are a malicious attachment that when opened will install the GandCrab v5.2 Ransomware on the target’s computer.
First discovered by MyOnlineSecurity, these emails are being sent from email addresses that are impersonating the “Centers for Disease Control and Prevention” and have a subject line of “Flu pandemic warning”. These emails state that there is a flu pandemic and that recipients should read the attach document to help prevent its spreading.
Roy Rashti, Cyber-security Expert at Bitdam:
“These kinds of attacker always attempt to reach as many end-user inboxes as possible as some of the targeted end-users will not actually receive the malicious attachment, and out of those that do, not all of them will open it. To overcome this and bypass the variety of security solutions that are familiar with macro-attacks currently in the market, attackers try to be as creative as possible.”
“In order to protect from this kind of attack, cyber education and awareness is essential. People need to treat any email they receive with suspicion. However, the creativity and sophistication of social engineering methods used by attackers means that they are usually one step ahead of their targets, so a security solution that is able to detect a wide variety of attacks must be used to prevent them from appearing in the inbox in the first place.”