Debating the moral compass of a cyber criminal is quite a minefield. However, if there are any traits we can be certain of, it's that they are opportunistic. Despite knowing this, it still comes as a nasty surprise that malicious actors are taking advantage of the coronavirus to meet their own malicious agenda.
The World Health Organization (WHO) has issued a warning after becoming aware of suspicious email messages. In particular, it refers to phishing emails that impersonate the WHO in an attempt to capitalise on the outbreak that has killed more than 2,000 people.
Phishing emails all tend to follow a similar formula. Often, they contain malicious links and infected attachments, or they ask for the recipients' credentials. The message usually expresses some form of urgency too, so people often panic and comply with the requests.
That's what makes coronavirus an opportune crisis for hackers to exploit. Attackers will incite panic, which is pretty easy given the fear, uncertainty, and interest surrounding the virus. In this case, they strike while the iron is hot by sending warnings that the virus has spread to the recipient's local area. The email then prompts the recipient to click on a malicious link or download, or to provide login details. For added effect, the sender may even use a WHO logo to make the email look more real. It's all very simple engineering, but it can yield a great return for the sender.
Top tips for avoiding phishing attacks
Coronavirus is spurring the biggest phishing campaign of the year so far. In turn, email users would do well to learn how to spot the attacks.
The WHO states that all emails from the organisation come from an address ending in '@who.int', with no variations. In other words, if there is anything after the @ symbol that isn't 'who.int', it's not the WHO.
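The 'who.int' check described above can be automated in a mail filter or triage script. The following is an added example, not code from the WHO or from this article; the sample headers are constructed, and the function names are hypothetical.

```python
from email import message_from_string
from email.utils import getaddresses

TRUSTED_DOMAIN = "who.int"  # the only sender domain the article attributes to the WHO

def sender_domain(raw_message):
    """Return the lower-cased domain of the single From address, else None."""
    msg = message_from_string(raw_message)
    addresses = getaddresses(msg.get_all("From", []))
    if len(addresses) != 1:             # missing or multiple From addresses
        return None
    _display_name, addr = addresses[0]  # display name is ignored on purpose
    local, sep, domain = addr.rpartition("@")
    if not (local and sep and domain):
        return None
    return domain.lower()

def claims_who_sender(raw_message):
    """True only on an exact match; subdomains and lookalikes are rejected.

    The From header is set by the sender, so a True result is only a claim
    and still needs the receiving server's SPF/DKIM/DMARC verdict.
    """
    return sender_domain(raw_message) == TRUSTED_DOMAIN

def build(from_value):
    # Helper that wraps a From value in a minimal constructed message.
    return f"From: {from_value}\nSubject: Coronavirus safety measures\n\nBody text.\n"

# Constructed sample headers (not taken from real messages).
SAMPLES = {
    "exact": build("World Health Organization <alerts@who.int>"),
    "uppercase": build("ALERTS@WHO.INT"),
    "suffix_trick": build("WHO <alerts@who.int.example.net>"),
    "display_name_spoof": build('"WHO <alerts@who.int>" <alerts@example.org>'),
    "subdomain": build("WHO <alerts@mail.who.int>"),
    "two_senders": build("a@who.int, b@example.org"),
}

def classify(samples=SAMPLES):
    return {name: claims_who_sender(raw) for name, raw in samples.items()}

if __name__ == "__main__":
    for name, verdict in classify().items():
        print(f"{name:20} {'claims who.int' if verdict else 'reject'}")
```

Only the exact and upper-case samples pass. The rest are rejected because the text after the @ symbol is not exactly 'who.int', even where 'who.int' appears in the display name or as part of a longer domain.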
Furthermore, recipients should double-check links in browsers before clicking on them in the body of an email. If the URL is legitimate, recipients will be able to find it online. Usually, however, phishing links will send users to a web page that does not exist.
Context is also key. Although attackers will zero in on fear, particularly in cases such as coronavirus, recipients must consider surrounding factors. If the information is public, there should be no need for people to hand over their credentials to access it.
If you do unknowingly share your information, you don't need to panic, but you must act quickly to change all your online account details. Annoyingly, attackers can try out your credentials immediately through automated systems, making time of the essence. Despite the hassle, you would be doing yourself a great favour by ensuring you have different passwords for each website. That way, if someone does get hold of your credentials, it will only be for one account.