| |
HB1PMS > TECH 21.02.20 09:10l 82 Lines 3585 Bytes #999 (0) @ WW
BID : 2157HB1PMS
Read: GAST
Subj: WHO Warns of Phishing Scams Related to Coronavirus
Path: DBO595<DBX320<FRB024<NL3TD<NL3PRC<GY1BBS<HB1BBS
Sent: 200219/2005Z 8458@HB1BBS.ZL.NLD.EU BPQ6.0.19
Van: HB1PMS@HB1BBS.ZL.NLD.EU
WHO Warns of Phishing Scams Related to Coronavirus Alert
February 18, 2020 | Identity Theft, Fraud, Scams
art, background, blue, business, coronavirus, damage, design, disease,
element, emblem, fabric, flag, flat, global, graphic, health, icon,
illustration, modern, organization, outbreak, render, sick, sign, symbol,
virus, who, wind
The phishing messages ask the targets to share sensitive info like usernames
and passwords.
Any email address other than ‘person@who.int’ format is not from the WHO.
The World Health Organization (WHO) has released a warning about
Coronavirus-themed phishing attacks that impersonate the organization with
the goal of delivering malware and stealing information.
What happened?
The WHO has confirmed that phishing emails, camouflaged to appear as sent by
WHO officials regarding Coronavirus alert, were being distributed by the
cybercriminals.
The phishing messages ask the targets to share sensitive info like usernames
and passwords.
It also redirected users to a phishing landing page via malicious links
embedded in the emails.
In some cases, it requested victims to open malicious attachments.
"WHO is aware of suspicious email messages attempting to take advantage of
the 2019 novel coronavirus emergency," the agency said in the Coronavirus
scam alert.
How does the phishing campaign work?
In the email, users are generally asked to go through the attached document
regarding safety or preventive measures for Coronavirus.
Users are then directed to download the attachment on their system simply by
clicking on a "Safety Measures" button.
Once clicked, it redirects them to a compromised site (a phishing page)
controlled by the attackers.
The page loads the WHO website in a frame in the background with a pop-up
asking the users to verify their e-mail.
Clicking on the "Verify" button exfiltrates their credentials to the
attackers’ server. At the same time, the user will see that they are being
redirected to the WHO's official website.
Recommendations
"If you are contacted by a person or organization that appears to be from
WHO, verify their authenticity before responding," read the WHO advisory.
Any email address other than ‘person@who.int’ format is not from the WHO.
Make sure the link starts with ‘https://www.who.int’
Stay alert, giving in username & password to access public information is
unusual.
Cybercriminals use emergencies such as 2019-nCov to get people to make
decisions quickly, but do not panic.
Change your credentials if you somehow surrendered your current credentials.
Lastly, the WHO provided helpful links for contacting or reporting a scam to
WHO to help anyone in need.
73 Henk.
======================================================================
_ _ ____ __ ____ ____ _____
| | | | _ \/_ | _ \| _ \ / ____| SYS: Henk (hb1nos@hb1bbs.com)
| |__| | |_) || | |_) | |_) | (___ QTH: Ouwerkerk - JO11XO
| __ | _ < | | _ <| _ < \___ \ BBS: HB1BBS.ZLD.NLD.EU
| | | | |_) || | |_) | |_) |____) | QRV: 27.235 MHz (FM 1200bps)
|_| |_|____/ |_|____/|____/|_____/ WEB: www.hb1bbs.com
======================================================================
** Host of BPQ Netrom/Node NLDHUB::NL9HUB 85.214.163.10 UDP 93
======================================================================
** This message is generated with Sally 7.2.033
----------------------------------------------------------------------
** Timed woensdag 19 februari 2020 21:02 West-Europa (standaardtijd)
** BBS HB1PMS@HB1BBS.ZL.NLD.EU
Lese vorherige Mail | Lese naechste Mail
| |