Cybercriminals Using Fear of Ebola to Expand Malware Network
As fears about the Ebola virus continue to rise, cybercriminals are beginning to leverage public concern to trick victims into clicking on malicious links. The lack of knowledge and fear surrounding the Ebola epidemic is the perfect environment for hackers looking to score big. The greater number of people interested in a topic, the more victims will click on a malicious link related to it, and more people are becoming concerned about Ebola by the minute. When the links involve a timely topic, victims are encouraged to share them more frequently, growing the size of the victim pool at a rapid pace.
Phishing campaigns using phony information about possible Ebola cures to bait victims into reading malicious emails have been popping up all over. According to researchers with security firm Symantec, once a target opens a spam message containing the suspicious links, malware is installed that infects the machine with a Trojan that can log keystrokes, gather information on users’ email account information and even record webcam footage.
Feds warn about Ebola phishing scams
Last week, federal cybercrime watchdog US-CERT issued a warning about email scams using the Ebola virus as bait, Help Net Security reported. The sites that are being linked to in the phishing emails can contain malware or have the ability to steal visitors’ personal information, including login credentials. One such campaign pretends to share a news story from CNN regarding the use of Ebola by terrorists to target U.S. citizens. A provided link encourages readers to visit the site to learn more about prevention methods. Those who click are asked for their email address and are redirected to CNN’s actual site once they enter their information. The email data is sent directly to the cybercriminals and no one is the wiser.
According to the cybersecurity blog Check and Secure, instances of malicious links within stories about Ebola have been seen around the world, including in the U.S., Europe and even Africa. US-CERT urged in their warning that users update their antivirus software and take steps to avoid being the target of a social engineering scam.
Oftentimes, organizations find that traditional antivirus programs or firewalls aren’t enough to protect enterprise networks and information from cyberthreats. When this is the case, a security information and event management service can help to fill in the gaps. With a concierge SIEM solution, enterprise systems are continuously monitored and event activity is analyzed to provide reliable information about the threats facing a company at any given time. SIEM services look for activity around the clock so no suspicious behavior or security incident will go unnoticed.