Cybercriminals are busy sending series of scam emails to deliver malware by leveraging on the coronavirus crisis to capture people’s attention.
The malware threats started as early as January, but has gathered momentum following the global pandemic as the attackers attempt to trick people into giving out their financial data by delivering malware-laden emails. Many of the scams rely on old phishing methods that exploit Microsoft Office vulnerability that has remained unpatched for years.
According to the US Secret Service (USSS) information alert, the “Fraudulent COVID-19 Emails with Malicious Attachments” masquerades as COVID-19 status emails from merchants to other businesses and organisations to their employees.
How Cybercriminals exploit Microsoft Office flaw to Install Malware
The hackers use faux alerts, which sought to remotely install malware on targeted system to harvest financial credential, install keyloggers, or lockdown the system.
And the malicious attachments are mostly Microsoft Office file types that exploit a decades-old, but now-patched vulnerability in Microsoft Office, which according to the US Secret Service the attack vectors have evolved with existing variations. It is now capable of stealing login credentials, and accessing all files and folders as well as cryptocurrency information.
The phishing emails are disguised as coming from hospitals, with recipients notified of having come in contact with a coronavirus-infected person, with malware-laden attachments to a downloadable Excel file, which exploits the same Microsoft Office vulnerability.
Another variation of this attack follows the guise of an email from the US Department of Health and Human Services (HHS), targeting medical suppliers, by asking them to provide protective medical equipment from attached lists that contain malware.
How Businesses can secure against the Fraudulent COVID-19 Email Scams
The US Department of Homeland Security (DHS) and Cybersecurity and Infrastructure Security Agency (CISA) have issued a guidance on how the exploitation of COVID-19 by malicious actors can be mitigated, offering a series of steps organizations can take to reduce the risks.
According to the agencies, organizations are recommended to make it more difficult for attackers to reach their employees by employing firewalls and antimalware systems. And also help to identify and report suspected phishing emails while responding quickly to incidents.
But above all, as the attackers take advantage of a decade-old Microsoft Office vulnerability to deliver malware, ensure your software is up to date.