Categories: NewsTech

PSA: This “corona-virus” e-book isn’t from WHO, it’s dangerous malware

The COVID-19 pandemic has affected many of us in impacted regions, with 242,830 confirmed cases of infection across 170 countries. In Malaysia, most workers, other than those in essential services, are working remotely in a bid to “flatten the curve” of the coronavirus spread. And yet, opportunists have taken advantage of the situation with a series of malware, including a fake coronavirus map app and various other schemes.

With that in mind, cybersecurity experts at Malwarebytes Labs have been monitoring possible threats within their own email inboxes. As a result, they’ve found a new phishing campaign that was purportedly sent to their inbox by the World Health Organisation—and the whole scam is built around a fake e-book that is claimed to have everything you need to know on the “corona-virus”.

It’s not obvious to everyone

Like many other phishing campaigns, the whole point of the scam is to convince the victim that the perpetrators represent some sort of official party. In this case, the cybercriminals promise the latest info on the COVID-19 outbreak, although there are a few errors: “Corona-virus” being the most glaringly obvious.

Again, like other phishing scams, the vast majority of targets realise early on that the email isn’t from an authentic source, and discards it without a second thought. But the danger here is when those that aren’t familiar—in subject topic, language, or form of communication—receive such emails.

SOURCE: Malwarebytes

And while it may be obvious that WHO isn’t going to misspell COVID-19 as the “Corona-virus”, the malware contained within the files attached can still be dangerous to those who are duped.

How does it work?

The key is to understand how such scams work. Here, a fake e-book, My Health E-book, is attached to the email as bait, along with other bits of information on the outbreak. There’s even a section that teaches you to protect your children and… business centres (because the two obviously belong in the same sentence).

When the attached .zip file is downloaded, there is an executable (.exe) file inside the archive—when this is executed, malware is then downloaded (GuLoader). Capabilities of the malware include key-logging, accessing browser data, and stealing personal information.

A good habit is to always look at the extension of a file before you open it. For example, an e-book would be in .epub or .pdf format, perhaps even .doc—but not an executable file. In general, you should never download files from unknown sources.

The wealth of malware that seeks to take advantage of the current COVID-19 situation is growing, but with awareness and attention, you can prevent yourself from becoming another victim. Of course, if you know of anyone that may be susceptible to a scam like this, remember to share this article with them.

[ SOURCE ]

Recent Posts

DC Handal deploys 4 EV charge points at Pearl City Mall Penang

DC Handal has just turned on its new EV chargers at Pearl City Mall which…

9 hours ago

redONE Mobile and Sinar Harian to Host FIFA World Cup Final Live Screening in Shah Alam

Malaysian Mobile Virtual Network Operator (MVNO) redONE Mobile has announced a collaboration with media outlet…

19 hours ago

Samsung Galaxy Z Fold 8 and Z Fold 8 Ultra promo images leak ahead of launch

The Samsung Galaxy Z Fold 8 and Z Flip 8 foldables are scheduled to be…

20 hours ago

ChargEV deploys additional EV chargers at Aeon Mall Cheras Selatan, up to 180kW

ChargEV has deployed additional chargers at Aeon Mall Cheras Selatan, bringing the total number of…

21 hours ago

Apple Back to School 2026: Get up to RM600 Gift Card when you buy Mac or iPad

Apple has kicked off its new Back to School promo in Malaysia, which offers students…

1 day ago

6 Places You Can Watch the FIFA World Cup 2026 Finals Live in Malaysia

It has been a thrilling month filled with late-night matches and dramatic goals, and we…

1 day ago

This website uses cookies.