CoronaScam.org

Coronascam Malicious files disguised by COVID-19 data

Malicious files disguised by COVID-19 data

‘Do (not) view attached document’ - Growing interest in COVID-19 information leads unsuspecting victims into a trap. 

‘Do (not) view attached document’ - Growing interest in COVID-19 information leads unsuspecting victims into a trap. 

It’s been several months since many people began working from their homes due to travel restrictions, health concerns, and social distancing measures. The rise in people working at home presents an ideal opportunity for attackers to gain access to their home networks. 

Attackers are now using spear phishing emails misusing COVID-19 information to do so, most of which is spam. This form of contact can make it easier to mislead victims to download and possibly open malicious documents. 

Taking advantage of everyone’s interest in news related to COVID-19, attackers are finding ways to use sources of COVID-19 information as bait. Below is an example of an email containing a Microsoft Excel Document with Coronavirus (COVID-19) Data in the United States. 

image3-2

When a user enables macros, this malicious document downloads and executes an executable file.

image2-4

This executable file allows attackers to gain access to the victim's computer.

image1-10This is just one of the examples of attackers using the current situation in their favor, and they are not limited to Word or Excel files, but also other file types that can be spread through emails.

Even with trusted sources, we should think twice before opening an attachment that contains Excel documents. This is especially true when the document requires the enabling of macros. 

The best way to stay safe is to use common sense, use antivirus software, and to ignore attachments from untrusted sources.