We have a situation or rather the WHO does

World Health Organisation logo

Another coronavirus themed hacking attempt is now doing the rounds.  Microsoft has warned of a huge phishing campaign where the email is sent containing malicious Excel macro attachments. 

According to Microsoft, the email has a subject line “WHO COVID-19 SITUATION REPORT”.  So, the attackers are using the World Health Organisation (WHO) as bait, and with the pandemic crisis putting everyone on edge, it is no surprise that people are falling victim. 

The campaign started last month and has already used hundreds of unique attachments.  The attachments contain a series of graphs intending to show the number of coronavirus cases in the US, which on the face of it may look genuine.  However, the purpose is for the malicious Excel macros to download and run a popular remote access tool allowing hackers to access and run commands on the victim’s computer.  

With more and more people changing their working habits and working remotely, the amount of time being spent on computer devices and social media has increased vastly, and cybercriminals are using this to their advantage.  Emails are a great tool for communicating so it’s no surprise that this is the popular choice for the hackers, but they’re being clever with this latest campaign since they’re using what appears to be genuine attachments, rather than dodgy-looking and malicious URLs.  

Our advice remains the same, if you are unsure or skeptical about any email you receive or an attachment, then do not open it.  If the message is genuine and it is important, the sender will find another way of reaching out and getting hold of you.  Alternatively, contact the organisation that claims to have sent the email and ask them outright.  

If you are genuinely interested in finding out about the situation reports that the WHO produce, you can visit their website - https://www.who.int/emergencies/diseases/novel-coronavirus-2019/situation-reports

Stay safe online