Login

Register

Login

Register


Cybersecurity researchers have uncovered a new phishing campaign that uses fake HIV test results to lure victims into clicking a malicious link.

The morally bereft campaign has been detected targeting insurance, healthcare, and pharmaceutical companies around the world.

In the latest incarnation of the scam, researchers at Proofpoint observed cybercriminals impersonating Vanderbilt University Medical Center and sending out fake HIV test result emails. 

Recipients were encouraged to open malicious content embedded into the message, which triggered the installation of Koadic RAT. Once installed, the malware can take complete control of a user’s system, running programs on the infected device and accessing victims’ data, including sensitive personal and financial information.

The control it gives attackers has made Koadic popular among many threat groups in recent years, particularly those thought to be state sponsored by the People’s Republic of China, the Russian Federation, and Iran.  

Though criminally accomplished, the attackers in this instance made a schoolboy error in putting together the text of their egregious email, misspelling Vanderbilt as “Vanderbit.” 

Proofpoint researchers wrote: “This latest campaign serves as a reminder that health-related lures didn’t start and won’t stop with the recent Coronavirus-themed lures we observed. They are a constant tactic as attackers recognize the utility of the health-related ‘scare factor.'”

Researchers advised members of the public to think before they click and to take into account that healthcare professionals are highly unlikely to send sensitive information such as the results of an HIV test over email.

“We encourage users to treat health-related emails with caution, especially those that claim to have sensitive health-related information,” stated researchers.

“Sensitive health-related information is typically safely transmitted using secured messaging portals, over the phone, or in person.”

Proofpoint said that the best way to avoid falling victim to phishing scams that pretend to grant access to genuine medical test results is to establish an alternative method for receiving results from your doctor. 

They said: “If you receive an email that claims to have sensitive health-related information, don’t open the attachments. Instead, visit your medical provider’s patient portal directly, call your doctor, or make an appointment to directly confirm any medical diagnosis or test results.”

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW