The heart of tech

This article was published on March 10, 2020


That unexpected ‘HIV test result’ email you just got is probably a scam

Don't open it!

That unexpected ‘HIV test result’ email you just got is probably a scam
Mix
Story by

Mix

Former TNW Writer

Mix is a tech writer based in Amsterdam that loves cinema and probably hates the movies that you like. Tell him everything you despise about Mix is a tech writer based in Amsterdam that loves cinema and probably hates the movies that you like. Tell him everything you despise about his work on Twitter.

Don’t panic! That unexpected email about an HIV test result you got is probably just an attempt to trick you into downloading malware designed to steal your personal credentials and financial info.

Researchers from security firm Proofpoint have spotted a new phishing campaign which sends out fake HIV test results to lure recipients into loading a malicious Microsoft Excel file. To seem more credible, the attackers also pose as the Vanderbilt University Medical Center.

Ironically, the campaign spells Vanderbilt wrong (“Vanderbit”).

[Read: Scientists need your computing power to find a cure for coronavirus]

Once downloaded the infected Excel document asks users to enable macros, which “allows the actor [to install another piece of malware] to take complete control over a user’s system.”

It remains unclear how widely spread the campaign is, but Proofpoint describes it as a “low volume” attempt. It mostly targeted “global insurance, healthcare, and pharmaceutical organizations.”

We encourage users to treat health-related emails with caution, especially those that claim to have sensitive health-related information,” the researchers warn. “Sensitive health-related information is typically safely transmitted using secured messaging portals, over the phone, or in-person.”

“If you receive an email that claims to have sensitive health-related information, don’t open the attachments,” Proofpoint warns. “Instead, visit your medical provider’s patient portal directly, call your doctor, or make an appointment to directly confirm any medical diagnosis or test results.”

Exploiting health scares to hack into people’s accounts is hardly a new tactic for scammers.

More recently, researchers from Check Point found that coronavirus-themed domains are 50% more likely to infect your system with malware than any other domains.

via CyberScoop

Also tagged with