Never open emails from people you don’t know, or from people you know but do not expect to hear from. That’s the hard and fast rule for Internet health, whch today should be amended to include: Never, Ever open emails from the World Health Organization offering “information and prevention” tips about Ebola.
If you click on the attachment, you’re likely to end up with a nasty digital infection, the online Security firm Trustwave’s SpiderLabs warned this morning.
Will you offer us a hand? Every gift, regardless of size, fuels our future.
Your critical contribution enables us to maintain our independence from shareholders or wealthy owners, allowing us to keep up reporting without bias. It means we can continue to make Jewish Business News available to everyone.
You can support us for as little as $1 via PayPal at firstname.lastname@example.org.
Our friendly Cyber criminals are using the Ebola pandemic as a hook for emails that—once clicked—install malware that gives them remote access to computers, including logging key presses, capturing video from webcams and stealing passwords.
SpiderLabs team of ethical hackers published details of the scam, warning in particular about emails that pretend to come from the World Health Organization.
“The information and prevention listed in the attached file will help you and those around you stay safe, ” says one such email published on SpiderLabs’ blog.
“There is an outbreak of Ebola and other diseases around that you know nothing about. Download the World Health Organization file for more information on how to stay safe from Ebola and other preventable diseases. We care.”
The email installs the “DarkComet Remote Access Trojan” which can run on computers “undetected by antivirus software” according to SpiderLabs.
The Guardian noted this morning that any topical news event should be expected to be fuel for cyber criminals, so just don’t delete any unexpected email in your inbox.
SpiderLabs also noted a recent warning from the U.S. Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT) about Ebola-related phishing and malware campaigns.