WHO Warns Of Coronavirus Phishing Attacks – Experts Comments

Bleeping Computer recently published an article titled “World Health Organisation Warns of Coronavirus Phishing Attacks”. More details below:

The World Health Organisation (WHO) warns of ongoing Coronavirus-themed phishing attacks that impersonate the organisation with the end goal of stealing information and delivering malware. “Criminals are disguising themselves as WHO to steal money or sensitive information,” the United Nations agency says in the Coronavirus scam alert. “WHO is aware of suspicious email messages attempting to take advantage of the 2019 novel coronavirus emergency.” The phishing messages are camouflaged to appear as being sent by WHO officials and ask the targets to share sensitive info like usernames and passwords, redirect them to a phishing landing page via malicious links embedded in the emails, or ask them to open malicious attachments containing malware payloads.

Experts Comments

February 19, 2020
Moshe Elias
Cyber Expert
Cymulate
Most organizations these days implement thorough cyber education programs, especially around phishing, though as employee awareness rises, so does the level of expertise and sophistication of the emails by hackers. During 2019, 67% of internal phishing campaigns run by our customers fooled employees and resulted in divulging sensitive data. Cyber criminals are being extremely cunning in their approach to latch onto a global health emergency with malspam and we can expect to see more of this type of activity, particularly around the US elections and the Tokyo Olympics.
February 19, 2020
Paul Bischoff
Privacy Advocate
Comparitech
Hackers and cybercriminals have been quick to take advantage of the coronavirus outbreak. This happens any time there is a public health crisis or catastrophe in which people are desperate to find more information and contribute to those affected. The fake WHO emails follow a standard formula for phishing: criminals impersonate an authority figure who uses fear and a sense of urgency to trick victims into clicking on links or attachments. Attachments often contain malware, and links lead to phishing sites that look identical to genuine sites. Basic security precautions should prevent you from falling victim to phishing. Never click on links or attachments in unsolicited emails. Cross check the domain of sender's email address and any links in the email against the official website domain found through Google. Phishing attacks are cheap, easy, and difficult to trace. So even though most people won't fall for the scam, criminals only need to trick a few victims for the attack to be profitable.
February 19, 2020
Erich Kron
Security Awareness Advocate
KnowBe4
This is an example of cybercriminals using an emotional trigger to get people to let their guard down. The constant media stories about the coronavirus and the associated fear due to uncertainty are the lures they use to get people to follow links in the emails, or open infected documents without taking the usual precautions. The World Health Organization would never require an email verification or a login to view public information related to an outbreak such as the coronavirus, however if the email gets people worried enough about the virus, they may not apply critical thinking and enter the information without a second thought. Social engineering has long been a trick of criminals and this is especially true with cybercriminals. People should always hover the link in emails and check the email address of the sender, being careful to look for substituted numbers and letters. For example, the WHO website is "www.who.int" and their email addresses end in "@who.int". Attackers may try to trick people by replacing the letter "o" with the number '0', resulting in a link to www.wh0.int or a similar email address. People can also expect to see scammers sending emails asking for donations to help victims and other related ploys related to the outbreak. These are extremely common around any large newsworthy event.
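The sender and link check described in the comment above, sketched as an added example that is not part of the original comments: it flags any hostname that turns into "who.int" once digit-for-letter swaps are undone. The swap table and the sample message fields are constructed for illustration.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

OFFICIAL = "who.int"  # official domain named in the comment above
# Constructed, non-exhaustive map of digit-for-letter swaps.
SWAPS = str.maketrans("01357", "olest")


def classify(host: str) -> str:
    """Return 'official', 'lookalike' or 'unrelated' for a hostname."""
    host = host.lower().rstrip(".")
    if host == OFFICIAL or host.endswith("." + OFFICIAL):
        return "official"
    folded = host.translate(SWAPS)
    labels = folded.split(".")
    n = OFFICIAL.count(".") + 1
    # After undoing swaps, any run of labels equal to the official name is
    # a lookalike: wh0.int, mail.wh0.int, who.int.example.net.
    for i in range(len(labels) - n + 1):
        if ".".join(labels[i:i + n]) == OFFICIAL:
            return "lookalike"
    return "unrelated"


def review(from_header: str, links: list[str]) -> list[tuple[str, str, str]]:
    """Classify the sender's address domain and every link's hostname."""
    # The display name is attacker-controlled; only the address counts.
    _, addr = parseaddr(from_header)
    findings = [("sender", addr, classify(addr.rpartition("@")[2]))]
    for url in links:
        findings.append(("link", url, classify(urlsplit(url).hostname or "")))
    return findings


if __name__ == "__main__":
    # Constructed sample message fields.
    for row in review(
        '"World Health Organization" <alerts@wh0.int>',
        ["https://www.who.int/health-topics", "http://www.wh0.int/verify",
         "https://who.int.example.net/login"],
    ):
        print(row)
```

A "lookalike" result is a reason to quarantine or report the message; an "unrelated" result says nothing about whether the message is safe.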
February 19, 2020
Roger Grimes
Data-driven Defence Evangelist
KnowBe4
This is among the most common hacking tactics: using a newsworthy event along with a “stressor event” to get people to drop their normal suspicions and fall for a fraud. Schemes like this are a big part of the reason why social engineering is responsible for 70% to 90% of malicious data breaches. Every organization needs to ensure that their employees are aware of hackers using news events to push hacking schemes and use up-to-date security awareness training and simulated phishing campaigns to test their employees' ability to fall for these types of phishes. You don’t want the first time your employee is tested to be from a real phish. Instead, use training and phish testing to educate your staff to make them far less likely to fall victim to a news scam.
February 19, 2020
Javvad Malik
Security Awareness Advocate
KnowBe4
Whenever there is a global incident or major news story, we see criminals jumping on the trend to try and push their wares. The Coronavirus is no exception, and we've seen several variations of phishing emails under the guise of warnings, to charitable donations, to flight and travel updates. Many of these phishing emails don't contain any malicious attachments which can be scanned, so they have a high success rate in reaching the user's desktop. Therefore, it's vital that users receive security awareness and training to ensure they can identify suspected phishing emails and report them to IT for further investigation.
February 19, 2020
Patrick Hamilton
Security Evangelist
Lucy Security
It would be so easy to get wrapped in security blankets like zero-trust environments, but beware of being lulled into a sense of security. The people that think they are safe are the most vulnerable. You can trust the World Health Organization (WHO), can’t you? Not if they are the bad guy masquerading as the WHO. Don’t rely on a machine to tell you who to trust.
February 19, 2020
Colin Bastable
CEO
Lucy Security
Hackers love to exploit fear and uncertainty, and crises are a big opportunity for them. I suspect that the WHO is off the radar for most people, but hackers will probably exploit the prevailing global supply chain issues and health management uncertainty to launch ransomware and other attacks. Spoof emails purporting to be from constrained suppliers or health insurance can cause a lot of financial damage to victims.