By Bruce Sussman
Fri | Mar 20, 2020 | 5:30 AM PDT

Hackers and cybercriminals must have a pretty dim outlook on the world.

That's the only way to explain a phishing campaign targeting medical professionals in the midst of a global pandemic.

COVID-19 phishing attack against doctors and nurses

The phishing email uses the following subject line:

"ALL STAFF: CORONA VIRUS AWARENESS"

And it uses the following sign-off:

"Best Regards, IT-Service Desk"

U.K. broadcaster Sky News obtained one of the actual phishing memos, which makes it sound like everyone on the staff must sign up for government-mandated coronavirus awareness training.

Listen to what the hackers wrote:

"In view of this directives, the institution is currently organizing a seminar for all staff to talk about this deadly virus. All employee/staff are hereby ask to quickly participate in this quick survey to show your awareness...."

The email uses words like "compulsory" and "mandatory" and threatens "disciplinary measure" for anyone who fails to comply with the email.

It then asks the medical staff to give the email a click. Surprise, surprise.

"Kindly follow the link SURVEY/SEMINAR to participate in the survey and register for the seminar."

Here is the phishing email:

[Image: coronavirus phishing email sent to hospital staff]

What if employees click links in phishing emails?

According to Sky News, the link takes employees to a spoofed site asking for their credentials:

"The link takes anyone clicking on it to a third-party website disguised as an Outlook web app. Anyone who fills in that form ends up giving their details to the hackers."

This is common practice for hackers who are looking to trick end-users into typing their network or email credentials into a spoofed form.

They then take those credentials and either sell them on the Dark Web or use them to access the organizational network and launch a cyber attack themselves.
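For defenders, the traits described above (pressure wording, an "IT-Service Desk" sign-off and a link to a third-party login page) can be turned into a simple mail triage check. The following is an added example, not code from Sky News or SecureWorld; the domain names, the trusted-host list and the sample message are constructed assumptions, and it assumes a single-part HTML message.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumptions (hypothetical values): the hospital's mail domain and real webmail host.
ORG_DOMAIN = "hospital.example"
TRUSTED_LOGIN_HOSTS = {"mail.hospital.example"}
PRESSURE_TERMS = ("compulsory", "mandatory", "disciplinary measure")  # quoted in the article

class LinkCollector(HTMLParser):
    """Collect the href of every <a> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hrefs.append(href)

def triage(raw_email):
    """Return the reasons a message should be held for analyst review."""
    msg = message_from_string(raw_email)
    body = msg.get_payload()  # plain string for a single-part message
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    reasons = []
    hits = [t for t in PRESSURE_TERMS if t in body.lower()]
    if hits:
        reasons.append("pressure wording: " + ", ".join(hits))
    # Signs off as the internal service desk but was sent from outside the org.
    if re.search(r"it[- ]service desk", body, re.I) and sender_domain != ORG_DOMAIN:
        reasons.append("internal IT sign-off from external sender " + sender_domain)
    collector = LinkCollector()
    collector.feed(body)
    for href in collector.hrefs:
        host = (urlparse(href).hostname or "").lower()
        if host not in TRUSTED_LOGIN_HOSTS:
            reasons.append("link to untrusted host: " + host)
    return reasons

# Constructed sample modelled on the wording the article quotes; addresses and URL are made up.
SAMPLE = """From: IT-Service Desk <helpdesk@mailer.invalid>
Subject: ALL STAFF: CORONA VIRUS AWARENESS
Content-Type: text/html

<p>This survey is compulsory and mandatory; disciplinary measure will follow.</p>
<p>Kindly follow the link <a href="https://owa-login.invalid/s">SURVEY/SEMINAR</a>.</p>
<p>Best Regards, IT-Service Desk</p>
"""
```

Calling `triage(SAMPLE)` returns three reasons, one per trait; a message from the organization's own domain that links only to the trusted webmail host returns an empty list.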

[RELATED: Coronavirus and Cybercrimes: How Low Can They Go?]

Hackers and cybercriminals must have a pretty dim outlook on the world. 

That's why we are extra thankful for the large number of cybersecurity defenders who refuse to quit learning and adapting.

Join your peers for complimentary online briefings and collaboration through the brand new SecureWorld Remote Sessions.

And learn on the go, anytime, with our podcast series.

Let's keep the learning going... and growing.
