Cybercriminals are shameless in what they piggyback onto in order to deceive users into downloading harmful malware, as exemplified by the latest attack.
An email which appears to be from the World Health Organisation purporting to offer “information and prevention” tips about Ebola is in fact a ruse by hackers to get remote access to the reader’s computer.
The email comes with an attachment, which claims to hold information on how to keep safe from the current Ebola outbreak – but instead initiates the installation of malware on the computer, wreaking havoc for unwitting users.
Once the spam email has done its job of tempting you into downloading the attachment, those at the heart of the scam may be able to trace key presses and passwords – and even capture video via the computer’s webcam.
Discovery of the threat was made by security expert SpiderLabs, which said it believes the emails are yet to have been sent out en masse, but warned the scattergun approach of the campaign could catch a few people out.
“The address it was sent to was an old honeypot address, so it’s not exactly targeted either. These facts taken together suggest a low volume campaign (sent to whatever address list the spammer is using) in an attempt to infect random users in the hope of gaining some data that can be used or sold,” it noted in a blog.
SpiderLabs said, however, that it is not the only Ebola-related example it has come across. It highlighted another campaign which pretends to offer advice from the Mexican government about Ebola prevention.