Coronavirus-related phishing scheme evades email security

As originally stated April 1 on threatpost.com, a new coronavirus-related spoofing campaign eludes advanced threat protections.

The payload for the cybercriminal appears to be stolen Microsoft log-in credentials; how the hacker will use the information in the future is still unknown.

How does this phishing scheme work?

Researchers discovered the threat early in April; many coronavirus-related schemes appeared in March and will more than likely not slow down any time soon.

This phishing scheme circumvents email detection security by spoofing the domain splashmath.com, an online learning game for children, and sending a mass email that entices victims to click on the link within.

Instead of coming from the site, however, the email comes from a single IP address in Kaunas, Lithuania.

Microsoft Office 365 gateway protocols, designed to safeguard end users from clicking on malicious links and attachments, have failed to block the false email.

Within the message, the threat actor uses social engineering to promise information on new coronavirus cases in the victim’s local area.

The scheme takes advantage of people’s need for up-to-date information by utilizing keywords such as the World Health Organization acronym ‘WHO’ and ‘community.’

The link will direct a user to a fake Microsoft log-in screen with their username (taken from their email) already visible; all they have to do is enter their password.

And once a victim logs in, their information is stolen.
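
A defender-side triage check for the pattern described above, as an added example that is not from the original article or from Paubox. It assumes the receiving mail server stamps an `Authentication-Results` header and that the lure link carries the recipient's address to pre-fill the username, neither of which the article states; the sample message, the IP 203.0.113.7 and the host login.example.net are constructed placeholders.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit, unquote

# Constructed sample message (not taken from the real campaign).
# 203.0.113.7 is a documentation address; login.example.net is a placeholder.
SAMPLE = """\
Authentication-Results: mx.example.org; spf=softfail (sender IP is 203.0.113.7)
 smtp.mailfrom=splashmath.com; dkim=none; dmarc=fail header.from=splashmath.com
From: "WHO community update" <info@splashmath.com>
To: alice@example.org
Subject: New coronavirus cases in your community
Content-Type: text/plain

See the cases near you: https://login.example.net/signin?user=alice%40example.org
"""

# Small, non-exhaustive allow-list of genuine Microsoft sign-in hosts.
MS_LOGIN_HOSTS = {"login.microsoftonline.com", "login.live.com"}

def triage(raw):
    """Return the reasons a message resembles the scheme described above."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    rcpt = parseaddr(msg.get("To", ""))[1].lower()
    # Unfold the header, then collect the spf/dkim/dmarc verdicts it records.
    auth = " ".join(msg.get("Authentication-Results", "").split())
    verdicts = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth))
    reasons = []
    # A spoofed From domain sent from an unrelated IP should not pass these.
    for mech in ("spf", "dmarc"):
        result = verdicts.get(mech, "none")
        if result != "pass":
            reasons.append(f"{mech}={result} for From domain {from_domain}")
    # A link that embeds the recipient's address but is not a Microsoft
    # sign-in host matches the pre-filled fake log-in page.
    for url in re.findall(r"https?://[^\s\"'<>]+", msg.get_payload()):
        host = (urlsplit(url).hostname or "").lower()
        if rcpt and rcpt in unquote(url).lower() and host not in MS_LOGIN_HOSTS:
            reasons.append(f"link to {host} carries recipient address {rcpt}")
    return reasons

if __name__ == "__main__":
    for reason in triage(SAMPLE):
        print(reason)
```

An empty list means none of these three signals fired; it does not mean the message is safe.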

Why is this happening?

People want to learn as much as possible about the coronavirus and how it affects their community and the world.

Furthermore, the growing number of people and organizations using Microsoft Office 365 and working from home enables hackers to discover new methods of exploitation and targeting.

Microsoft acknowledges that cybercriminals appear to be focusing their attention on gateway and VPN vulnerabilities, particularly among those in the healthcare industry.

For healthcare organizations to properly safeguard protected health information, utilizing strong, HIPAA-compliant email is more important than ever.

What can you do to stop this?

Everyone must be vigilant about how they access the news and read their emails.

Only visit official websites; if sent an email asking you to visit a web page, type the website into the address bar without clicking a link or opening an attachment.

And if you do open a link or attachment that brings you to a secure-looking screen, do not log in.

Ensure that your cybersecurity system is up-to-date and that you utilize email security, such as Paubox Email Suite Plus, which stops phishing emails from reaching your inbox in the first place.

And finally, update your knowledge on new phishing methods as well as how to recognize a phishing scheme.

Layer your cybersecurity and always be attentive in order to protect yourself from future cyberattacks.

About the author

Kapua Iao
