According to an International Business Times article, spammers are using the recent Ebola crisis in West Africa to spread a computer virus. The spammers are sending out emails claiming to be from the World Health Organization regarding Ebola. The readers are told to download an attachment that will show them how to protect themselves from Ebola – but in reality the attachment causes an infection of a different kind.
Once downloaded, the attachment installs a remote access Trojan that gives the spammer complete control over the readers’ computer, giving them the ability to do everything from use the computer’s microphone to record conversations to steal passwords, or lock down the computer.
Find out more about the Ebola spam attack by reading the International Business times article.
Playing on fears
It’s a cliché, but timing is everything. One reason for this particular email’s success in delivering malware is its ability to play on people’s fears about Ebola. In another six months, an email like this might not elicit the same reaction, but another one will take its place.
Spammers are becoming much better at what they do. Instead of just blasting out a generic “Nigerian prince” email which contained misspellings and poor grammar (obvious signs of email spam), effective spammers are now carefully considering the timing and topic of their email. You can rest assured that spammers will hop on whatever is the next cause of public anxiety and paranoia and use it to trick people into opening emails and installing malware on their computers.
Delivering to the right audience
But there’s more to this email than its timing. It was sent to a few hundred organizations that are helping deal with the Ebola outbreak. Depending on the definition you use, the Ebola email might even be considered spear phishing.
Spear phishing is a great example of spammers becoming extremely targeted. Spear phishing is a specific kind of email phishing attack hackers use to gain access to sensitive data. When someone sends you a spear phishing email, it looks like it’s coming from someone you trust. Although the email referenced above didn’t come from a specific person the recipient trusted, it did look as if it came from the World Health Organization – a group that anyone with fears about Ebola respects and trusts. The email contains a link to a website that appears to be legitimate, but instead delivers malware that gives the hacker access to your network and its data.
Keeping up with spammers
The advanced level of targeting and timing of this email – and the dangerous Trojan it delivers – should gives IT security folks everywhere pause: Spammers are always getting better at what they do. Is your email security getting better, or is it standing still?
Sendio is always moving forward, finding innovative ways to keep bulk email and malicious attacks like the one we write about above out of your inbox. Sendio offers solutions to enterprises and institutions that will increase employee productivity while eliminating all spam and bulk email without any false positives – ensuring you only receive emails from trusted sources. To learn how Sendio can help your business achieve greater email efficiency, call (949) 274-4375.
