Beware of Ebola Virus Epidemic Phishing Scams
Security researchers from Symantec have discovered several phishing scams making the round recently. These emails claim to be providing news and reports about the Ebola virus which struck the western Africa region.
One of the phishing campaigns pretends to be a breaking news from CNN. It gives a brief story and a added a links to and "untold story". Once a recipient click on the link, he/she is directed to a page where they recipient will have to select an email provider and then insert the email login information. These are collected by the cybercriminal behind the scam. After clicking on the submit button, the user is directed to the official CNN website.
One of the phishing campaigns pretends to be a breaking news from CNN. It gives a brief story and a added a links to and "untold story". Once a recipient click on the link, he/she is directed to a page where they recipient will have to select an email provider and then insert the email login information. These are collected by the cybercriminal behind the scam. After clicking on the submit button, the user is directed to the official CNN website.
Another identified phishing email is where a person receives a mail containing some attachment pretending to be reports of Ebola. Once the user downloads and opens it, the machine is infected by Zeus Trojan, also known as Zbot. If you have an up to date antivirus, it will detect it immediately.
A more complex in nature has also been identified. The email contains a file purporting to be a PDF presentation. Once executed, a newly discovered Trojan is installed on the machine. Symantec has identified this Trojan as Blueso. “The malware is also crafted to inject W32.Spyrat into the victim’s Web browser,”
We advise our readers to me vigilant. Do not download and open any file from untrusted emails.
Source:[Symantec]
A more complex in nature has also been identified. The email contains a file purporting to be a PDF presentation. Once executed, a newly discovered Trojan is installed on the machine. Symantec has identified this Trojan as Blueso. “The malware is also crafted to inject W32.Spyrat into the victim’s Web browser,”
We advise our readers to me vigilant. Do not download and open any file from untrusted emails.
Source:[Symantec]