The Coronavirus pandemic continues to impact organizations across the globe. This hardship gives cybercriminals the perfect bait: a promise of financial relief. Currently, cybercriminals are impersonating the United States Small Business Administration (SBA) with a very convincing phishing email. While this specific scam targets organizations in the US, this tactic could be used in any country, for any kind of relief fund.
It was the early morning hours when the phone rang. A fire had broken out in the building where we had our business. We threw on our coats and raced to the location. All I saw were flames and smoke as the firefighters worked to gain control of the blaze. It wasn't a surprise when I was informed the structure was a total loss - and everything in it. Where do we go from here?
There’s a phishing attack out there that is stealthy and not easily detected until the damage is done. It’s called Vendor Email Compromise, and it’s worth billions worldwide.
Microsoft has reported a massive phishing campaign that uses an Excel attachment as bait. The phishing email looks like it is from the Coronavirus Research Center of John Hopkins University–a well known medical organization in the US. The email includes an Excel attachment that is disguised as an updated list of Coronavirus-related deaths, but the file actually contains a hidden piece of malware.
