Hackers are now capitalizing on the outbreak of coronavirus as a medium to disguise as the World Health Organization (WHO) and attempting to steal user information through phishing campaigns.
According to information released by WHO, they are aware of suspicious parties taking advantage of the fact that fake news surrounding the outbreak is running rampantly on social media and it would be a good opportunity to bait people into giving out their information by acting as legitimate organizations. Phishers are utilizing emails to victims and instruct them to either:
- Click a malicious link
- Download a malicious file
- Redirecting to phishing websites to log username and password
WHO also provided several ways to prevent users from getting phished, which are:
- Verify sender email and cross-examine with the official address provided by the website. Emails from the real WHO will only have “who.int” right after the “@” sign. Anything else is fake and malicious.
- Check the URL before clicking. Double-check any links attached to the email or do a quick search through a search engine for the legitimate website or simply key in the URL manually for added security.
- Be vigilant when providing personal information. There are no legit reasons for someone to provide sensitive information to access publicly available news and sources.
- Do not rush decisions or get pressured by parties not related to WHO. Emergencies such as outbreaks could cause panic amongst the public and details for identifying hoax can be missed. Always take time to verify authenticity of requests.
- If any sensitive information is given out by mistake, do not worry and act swiftly. Quickly resetting the phished email and password through the use of recovery services could save your account from being accessed illegally.
- Report any similar cases you have came through to WHO. Just let them know to gather more exposure for this matter.
Security experts have also spoken out against these attackers abusing the idealogy of personal needs of safety to trick users into handing out credentials, as described by Chris Hazelton on Lookout. Slashnext’s CEO Atif Mushtaq also supports the statement by weighing social engineering attacks more potent than breaching networks for secured data. Meanwhile, Lisa Plaggemier at MediaPro suggests keeping antivirus up-to-date and do not open any links or files that are not expected.