Microsoft has reported a massive phishing campaign that uses an Excel attachment as bait. The phishing email looks like it is from the Coronavirus Research Center of John Hopkins University–a well known medical organization in the US. The email includes an Excel attachment that is disguised as an updated list of Coronavirus-related deaths, but the file actually contains a hidden piece of malware.

If you open the infected Excel file and click “Enable Content” when prompted, a program called NetSupport Manager will be automatically installed on to your computer. This program is a tool that allows someone to access your computer remotely. Cybercriminals are using NetSupport Manager to gain complete control over a victim’s system; allowing them to steal sensitive data, install more malicious software, and even use the machine for criminal activities. Don’t be a victim!

Here are some ways to protect yourself from this scam:

• Think before you click! The bad guys know that you want to stay up-to-date on the latest COVID-19 data so they use this as bait. They’re trying to trick you into impulsively clicking and downloading their malware.
• Never download an attachment from an email that you weren’t expecting. Remember, even if the sender appears to be a legitimate organization, the email address could be spoofed.
• Always go to the source. Any time you receive an email that claims to have updated COVID-19 data, use your browser to visit the official website instead of opening an attachment or clicking a link.

Stop, Look, and Think. Don't be fooled.
The KnowBe4 Security Team and LMT Technology Solutions