Global Coronavirus Outbreak, “COVID-19” Title becomes the golden key to Cybercrime

Mar 25, 2020kate
Learn more about 360 Total Security

With the development of the new coronavirus epidemic, more and more cyber attacks on the topic of coronavirus have taken. In the past few days, 360 BaiZe Labs has intercepted multiple phishing email attacks on the topic of new coronavirus. The contents of phishing emails are mostly to provide victims with COVID-19 vaccines, prevention advice, treatment plans, and some current affairs news related to the World Health Organization. The email attachments carry Trojan horse viruses, perform st ealing, and backdoor operations.

The content of this e-mail is mainly on “autonomous vaccine”, and it is said that the attachment contains a list of items that made the COVID-19 vaccine:

The following is a work notice of a company that faked COVID-19:

Disguise and dispose of COVID-19 virus as the World Health Organization:

Disguised as the World Health Organization’s solution to COVID-19:

Disguised as a WHO press release:

Disguised as a statement about COVID-19:

However, all phishing emails carry a malicious attachment. The attachments carry different Trojan viruses. They perform operations such as stealing and backdoors. These Trojans are known Trojan horse families. There are many types of malicious attachments:

Malicious PDF file

Some phishing emails carry PDF attachments titled COVID-19:

The PDF document contains a malicious URL. When clicked, it jumps to the following phishing page. The page is a fake Office login page, as shown in the following figure:

When the victim fills in the correct account password, the page uploads this information to a server controlled by the hacker, thereby stealing the account:

With the continuous development of the epidemic, the number of cyber attacks on the topic of epidemics has continued to increase. So far, we have put forward a few security suggestions to help users effectively prevent such Cyber Attacks:

  1. Be wary of emails and various text documents with COVID-19 as title.

2.The office macro is disabled by default.

  1. Install 360 Total Security, which can accurately identify all kinds of phishing websites and block all kinds of popular viruses in time.
Learn more about 360 Total Security