Don’t panic! That unexpected email about an HIV test result you got is probably just an attempt to trick you into downloading malware designed to steal your personal credentials and financial info.
Researchers from security firm Proofpoint have spotted a new phishing campaign which sends out fake HIV test results to lure recipients into loading a malicious Microsoft Excel file. To seem more credible, the attackers also pose as the Vanderbilt University Medical Center.
Ironically, the campaign spells Vanderbilt wrong (“Vanderbit”).
Once downloaded the infected Excel document asks users to enable macros, which “allows the actor [to install another piece of malware] to take complete control over a user’s system.”
It remains unclear how widely spread the campaign is, but Proofpoint describes it as a “low volume” attempt. It mostly targeted “global insurance, healthcare, and pharmaceutical organizations.”
“We encourage users to treat health-related emails with caution, especially those that claim to have sensitive health-related information,” the researchers warn. “Sensitive health-related information is typically safely transmitted using secured messaging portals, over the phone, or in-person.”
“If you receive an email that claims to have sensitive health-related information, don’t open the attachments,” Proofpoint warns. “Instead, visit your medical provider’s patient portal directly, call your doctor, or make an appointment to directly confirm any medical diagnosis or test results.”
Exploiting health scares to hack into people’s accounts is hardly a new tactic for scammers.
More recently, researchers from Check Point found that coronavirus-themed domains are 50% more likely to infect your system with malware than any other domains.