The coronavirus, now officially known as “Covid-19,” is a breaking news topic right now – and the news is pretty scary:
Reports like these are leaving a lot of people worried about coughing and fever and, since the first US infection was right here in Seattle, all of us in the city might be a little more scared of the coronavirus than the rest of the nation is.
Cybercriminals are taking advantage of our fears.
Let’s talk about how malicious hackers have turned the coronavirus into a weapon they can use to infect your business networks.
This disinformation has left Seattleites looking for accurate, trustworthy information about the virus – so when they receive what looks like educational content in emails from the CDC, they’re happy to learn more about how they can protect themselves and their businesses.
Don’t click these emails.
Why not? Because the cybersecurity experts at Kaspersky have identified 10 unique malware threats, including worms and Trojans, which are hidden in PDFs, mp4s, and docx files in those fraudulent emails. The files pretend to deliver helpful info such as virus protection instructions, current threat developments, and virus prevention techniques – and it’s a dirty trick.
As if malware weren’t down and dirty enough, horrible cybercriminals are also sending out phishing emails that pretend to be from the CDC.
In this screenshot from Kaspersky, you’ll see that this email is trying to get you to click on a link that looks like it leads to the CDC’s website. (If you receive the email and you hover over that link, you’ll see that it actually leads you somewhere else entirely.)
Since the Seattle area, plus Vancouver, has been hit by a total of 5 coronavirus infections (as of 2/10/20), this email, which pretends to give you an updated list of infections and cases within our city, is an extremely effective phishing email for our area.
If you click the link in the email, it will direct you to an Outlook login lookalike phishing page. If you see that, don’t enter your credentials. This email is not from the CDC, and there is no reason you should have to provide your login credentials to Outlook to receive a public health bulletin.
Don’t click, don’t take the bait. Don’t give cybercriminals a backdoor into your business computer networks.
By the way, there’s also a less convincing email going around, again pretending to be from the CDC, which requests Bitcoin donations to help fight the virus and fund vaccine research… but you should be able to spot that one as a scam from a mile away.
After all, the Bitcoin email has so many red flags (including Bitcoin donations, for crying out loud) and contains the baffling sentence which begins: “This e-plate is for timely intervention due to holiday extension of our public Institute/ banks not working…”)
Yeah, don’t fall for that one.
The Bitcoin email sure is a really obvious scam, but the malware and updated infection list emails aren’t quite so easy to identify. You certainly don’t want a coronavirus email to infect your computer networks, so make sure you teach your staff to watch for these red flags when opening their emails:
One last important note about the coronavirus: It is important to keep up to date with new developments about this virus, but make sure you get accurate information from safe sources. We recommend:
Worried that you or a staff member may already have become infected with malware, or that you’ve already been phished? It’s best to get help right away to protect your business computer networks and systems, so you can keep your business and data secure.
Lucky enough that you haven’t clicked on a bad email yet? Phew!
In that case, you’ll probably want to make sure your computer networks stay healthy and free of malware. The best way to do that is to work with the experts at Interplay, one of Seattle’s longest-standing IT support companies, and one of the city’s only true managed IT services providers (MSPs).
It’s easy to get in touch with the Interplay team – but if you’re not ready to contact us yet, we suggest you prevent a computer malware infection by conducting your own, in-depth, DIY Network Health Assessment, completely free.