The word Ebola is enough to scare the living daylights out of anyone due to the ongoing outbreak in West Africa and now cybercriminals have started using this fact as bait to infect PCs. Symantec has detected a phishing campaign as well as three types of malware dressed around the theme of this dreaded virus.
The Ebola virus phishing attack sees the hacker in question packaging a mail to the intended victim as a breaking story sent directly to them from ‘CNN.’ It contains a news summary of the ensuing outbreak and includes links to an ‘untold story.’
The message is also made to look like it carries vital information on precautions to be taken against the deadly virus and a list of targeted regions. And to probably bait conspiracy theorists but the sound of it, the email also hints at terrorism with the possible intention of implying that the virus is a bio-weapon.
The links in the message lead to a web page which requires users to pick their email provider and type out their sign in details. If a naive visitors ends up doing so, he or she is sent to the actual CNN homepage, while the phishers get their victims’ login information delivered to them on a plate.
As for infecting PCs, attackers are found to be targeting them by sending Trojan.Zbot worms in the guise of Ebola virus reports. One malware identified by a post on the Symantec blog as Backdoor.Breut comes in the form of an attachment promising information on an experimental Ebola drug called Zmapp.
But the trickiest campaign is the Trojan.Blueso malware that hides under the bogus cloak of multinational telecommunications service provider Etisalat. It does added damage by bringing along W32.Spyrat which can record your keystrokes, download or upload files, delete stored content and more.
Since you obviously don’t want any of these phishing or malware campaigns to infect your PC, it would be wise to resist the temptation of opening unsolicited emails even if they’re talking about the Ebola virus.