Beware of Ebola-themed phishing, malware campaigns and hoaxes

  • 17 October 2014
  • 5 replies
  • 3113 views

Userlevel 7
Badge +54
Well when any tragedy happens or is occurring it is ripe picking for the scammers and the Ebola epidemic is no exception at all and they will whenever given a chance exploit it, so be on uour guard.
 
Posted on 17 October 2014."US-CERT released an advisory warning users about email scams and cyber campaigns using the Ebola virus disease as a theme.

"Phishing emails may contain links that direct users to websites which collect personal information such as login credentials, or contain malicious attachments that can infect a system," they pointed out.

They advise users to be careful when dealing with these types of email messages, and urge them not to follow links or open attachments contained in them." Full Article

5 replies

Userlevel 7
Badge +56
Yea from another inside Source:
 
"While we aren't yet seeing any ebola scams or phishing/malware attempts worth mentioning, I know they will come. The weakest link as we all know is the end user and you can educate until you are blue in the face, but some users will continue to open dodgy attachments, follow dodgy/suspicious links and either get phished or infected You only have to see my blog http://myonlinesecurity.co.uk/ and read some of the comments from users who managed to infect themselves or at least open the attachments and then start to panic See also http://blog.dynamoo.com/ where there are some different examples of these emails that users fall for I tend to concentrate my efforts on the consumer and try to show as many examples of the current email with varying wording or layout as I can, whereas dynamo is slanted towards the network tech and what urls/IPs and ranges should be blocked."
 
Daniel
Userlevel 7
Badge +54
Posted by Stu Sjouwerman on Sun, Oct 19, 2014
 
EXCERPT:
 

Feel free to copy/paste/edit this blurb:
"I would like to alert you all of a recent increase in scams related to Ebola. Please double check anything you receive via email or see on social media related to Ebola, like emailed warnings, web-alerts, news updates and possibly even videos. The only way to get news about this is straight from a reputable source. Also, do not fall for fake websites that sollicit online donations for Ebola victims. Verify the site is legit before you donate anything. I have said it before and I am saying it again: "Think Before You Click!"
Here is an official message from the U.S. Government about Ebola scams:
https://www.us-cert.gov/ncas/current-activity/2014/10/16/Ebola-Phishing-Scams-and-Malware-Campaigns
 
Full Article
Userlevel 7
By John Leyden, 20 Oct 2014
 
Social media has become a conduit for the spread of fake cures and treatments for Ebola. As if that weren't bad enough, confusion about the epidemic is also being harnessed to push malware and other cybercrime scams, security watchers warn.
 
Late last week, hoaxers began latching onto news of the grounding of an Air France plane due to a suspected Ebola case in Madrid, Spain. The passenger has since tested negative, according to reports. Spanish police warnedcitizens to be careful when clicking on Ebola news and, in particular, to be careful of rumours circulating through WhatsApp. False rumoursthat Ebola has spread to a high school in Alaska, debunked by Anchorage police and the school district, were spread over Twitter.
 
 
Full Article
Userlevel 7
The following article is a update
(Ebola-themed emails deliver malware, exploit Sandworm vulnerability)
 
Posted on 24.10.2014US CERT has recently issued a warning about malware-delivery campaigns using users' fear of the Ebola virus and its spreading as a bait.

One of the most prolific campaigns is the one that impersonates the World Health Organization:

http://www.net-security.org/images/articles/who-spam-24102014.jpg
The emails in question initially linked to the malware, a variant of the DarkKomet RAT tool, used by attackers to access and control the victim's computer remotely and steal information.  Full Article
Userlevel 7
Badge +54
Another scam to watch out for.
 
October 27, 2014 | BY Jovi Umawing
 
EXCERPT:
 
Not so long ago, spam posing as an email from the World Health Organization (WHO), discovered by our friends at Trustwave, to carry a document containing information on how one can be safe from the deadly disease, which turns out to be a DarkComet RAT malware.
Recently, we found ebolawarnings(dot)com, a domain claiming to offer an early warning system tool that can alert the user of any Ebola outbreaks near their area.
Upon initial visit to the page, users are presented with the following prompt at the top-middle part of the screen:
 
http://cdn.blog.malwarebytes.org/wp-content/uploads/2014/10/ebola-with-prompts-1024x341.jpg
Download the Ebola Early Warning System Toolbar to know immediate when a threat is in your area. 
Full Article

Reply