WHO Warns Of Coronavirus Phishing Attacks – Experts Comments

Bleeping Computer recently published an article titled “World Health Organisation Warns of Coronavirus Phishing Attacks”. More details below:

The World Health Organisation (WHO) warns of ongoing Coronavirus-themed phishing attacks that impersonate the organisation with the end goal of stealing information and delivering malware. “Criminals are disguising themselves as WHO to steal money or sensitive information,” the United Nations agency says in the Coronavirus scam alert. “WHO is aware of suspicious email messages attempting to take advantage of the 2019 novel coronavirus emergency.” The phishing messages are camouflaged to appear as being sent by WHO officials and ask the targets to share sensitive info like usernames and passwords, redirect them to a phishing landing page via malicious links embedded in the emails, or ask them to open malicious attachments containing malware payloads.


EXPERTS COMMENTS
Moshe Elias, Cyber Expert,  Cymulate
February 19, 2020
During 2019, 67% of internal phishing campaigns run by our customers fooled employees and resulted in divulging sensitive data.
Most organizations these days implement thorough cyber education programs, especially around phishing, though as employee awareness rises, so does the level of expertise and sophistication of the emails by hackers. During 2019, 67% of internal phishing campaigns run by our customers fooled employees and resulted in divulging sensitive data. Cyber criminals are being extremely cunning in their appr ....
[Read More >>]
Paul Bischoff, Privacy Advocate,  Comparitech
February 19, 2020
Phishing attacks are cheap, easy, and difficult to trace.
Hackers and cybercriminals have been quick to take advantage of the coronavirus outbreak. This happens any time there is a public health crisis or catastrophe in which people are desperate to find more information and contribute to those affected. The fake WHO emails follow a standard formula for phishing: criminals impersonate an authority figure who uses fear and a sense of urgency to trick vict ....
[Read More >>]
Erich Kron, Security Awareness Advocate,  KnowBe4
February 19, 2020
The World Health Organization would never require an email verification.
This is an example of cybercriminals using an emotional trigger to get people to let their guard down. The constant media stories about the coronavirus and the associated fear due to uncertainty are the lures the use to get people to follow links in the emails, or open infected documents without taking the usual precautions. The World Health Organization would never require an email verification o ....
[Read More >>]
Roger Grimes, Data-driven Defence Evangelist ,  KnowBe4
February 19, 2020
Schemes like this are a big part of the reason why social engineering is responsible for 70% to 90% of a malicious data breaches.
This is among the most common hacking tactics- using a newsworthy event along with a “stressor event” to get people to drop their normal suspicions and fall for a fraud. Schemes like this are a big part of the reason why social engineering is responsible for 70% to 90% of a malicious data breaches. Every organization needs to ensure that their employees are aware of hackers using news events t ....
[Read More >>]
Javvad Malik, Security Awareness Advocate,  KnowBe4
February 19, 2020
The Coronavirus is no exception, and we've seen several variations of phishing emails under the guise of warnings.
Whenever there is a global incident or major news story, we see criminals jumping on the trend to try and push their wares. The Coronavirus is no exception, and we've seen several variations of phishing emails under the guise of warnings, to charitable donations, to flight and travel updates. Many of these phishing emails don't contain any malicious attachments which can be scanned, so they have ....
[Read More >>]
Patrick Hamilton, Security Evangelist ,  Lucy Security
February 19, 2020
The people that think they are safe are the most vulnerable.
It would be so easy to get wrapped in security blankets like zero-trust environments, but beware of being lulled into a sense of security. The people that think they are safe are the most vulnerable. You can trust the World Health Organization (WHO), can’t you? Not if they are the bad guy masquerading as the WHO. Don’t rely on a machine to tell you who to trust. ....
[Read More >>]
Colin Bastable, CEO ,  Lucy Security
February 19, 2020
Hackers love to exploit fear and uncertainty, and crises are a big opportunity for them.
Hackers love to exploit fear and uncertainty, and crises are a big opportunity for them. I suspect that the WHO is off the radar for most people, but hackers will probably exploit the prevailing global supply chain issues and health management uncertainty to launch ransomware and other attacks. Spoof emails purporting to be from constrained suppliers or health insurance can cause a lot of financia ....
[Read More >>]

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :




In this article