Media outlets are reporting daily on the coronavirus outbreak in Wuhan and the emergency repatriation of foreign citizens that found themselves in the thick of it.
As cases of the virus infection keep popping up across the world – demonstrating just how small (i.e., well-connected) our planet is – so do fake news and videos about the situation on social media, as well as malware, phishing schemes and other scams in people’s inboxes.
The latest example of the latter are fake emails purportedly coming from the World Health Organisation (WHO), which is, ironically, engeaged in fighting an “infodemic” of fake coronavirs-themed news online.
Emails impersonating the WHO
The email, spotted by the Sophos Security Team, uses a trick lately favored by phishers and scammers: “Click here to download safety measures to prevent the spread of the coronavirus.”
The link takes the potential victim to a compromised web page containing a frame that renders the legitimate WHO page, which currently and prominently sports a link to information about this novel coronavirus.
Unfortunately, it also shows a simple pop-up asking the potential victim to “verify” their email by entering their email address and password. Those who fall for the trick are redirected to WHO’s legitimate page, while their email login credentials end up in the phishers’ hands.
Always remember to check potential e-mails for spelling and grammatical mistakes, hover over links to make sure the link is legitimate, and be wary of signing up for a service through an e-mail attachment.
Article sourced from HELPNETSECURITY.