One Virus, Two Ways

How Scammers Are Using the Coronavirus to Trick Their Victims

By Art Gross, President and CEO, HIPAA Secure Now!
Twitter: @HIPAASecureNow
Read other articles by this author

As if the fear of the Coronavirus outbreak weren’t enough to have the world on edge, there’s a new way that the virus is impacting humans: through email cyber-attacks.

The method of contamination takes a trusted name, the World Health Organization, and uses it to falsely disperse information about the virus, and in reality, disperses malware in the form of the “AgentTesla Keylogger”.

To accomplish this, hackers have their own email campaign running in an attempt to feed on public fear. The campaign centers around a Coronavirus conspiracy theory and indicates that the email contains information about unknown cures. When an individual clicks on the attachment contained in the email, they are unknowingly accepting the malware. One particular campaign goes as far as deploying a DocuSign page where users enter personal information in the hopes of being sent additional information on the “cure”. A second method is using a Microsoft Word attachment to redirect users to a fake Microsoft Office website where the World Health Organization name appears to give additional credibility. From here, more information is input by the user.

While the AgentTesla Keylogger is one virus deployed, there are multiple others. These work to obtain users’ personal and financial information via input from the users themselves. A keylogger tracks all input from the unsuspecting user, and basically gives away every bit of information that the individual enters into their computer moving forward.

The U.S. Centers for Disease Control and Prevention does indicate that the risk for the general American public is low in regard to the Coronavirus. However, they continue to monitor the situation, just as you should continue to monitor on your own when it comes to your business becoming infected.

Be on high alert if you receive an email with information about the virus and pause before clicking or providing personal or business information. Even the simplest of intentions can lead to a much larger “outbreak” for an organization.

This article was originally published on HIPAA Secure Now! and is republished here with permission. HIPAA Secure Now offers annual online subscriptions to help covered entities and business associates keep up with compliance. Learn more here.

HIPAA Secure Now! now offers PHIshMD training for CEs and BAs to help protect your organization from security threats.

Technology safeguards put a virtual wall around your network, but what happens when the bad actors climb over that wall? It’s up to your employees. Over 90% of breaches get caused by human error according to Kaspersky Lab, and if you’re not educating users HOW to protect your organization in this ever-changing threat landscape, your organization could be next. LEARN MORE