You already knew this was going to happen. It was just a matter of waiting.
Fast on the heels of the release of President Trump's "Coronavirus Guidelines for America," malicious actors have now weighed in with their own updated version. And you shouldn't be surprised to learn that their version eschews social distancing, face masks, or anything resembling soap and disinfectant. Nope.
Instead, the bad guys are prescribing a strict regimen of malware, malware, and more malware. (For those unable to execute malware, a steady diet of credentials phishing should suffice.)
Here's what's now landing in users' inboxes -- yes, even those working from home.
Despite its brevity, this email turns out to be one of the more unusual Coronavirus phishes we've seen.
Often the bad guys struggle with language -- esp. the mind-numbingly bureaucratic kind that so often erupts from high people in high places. (Who knew that such wretchedly bad prose was so difficult to imitate?) In this malicious email, however, bad actors go full Jimmy Carter on unsuspecting users, warning them against an incipient "global economic malaise and a surfeit of misinformation." (Yeah, we actually had to use a dictionary for that one.)
Fear not, though. The bad guys have the solution. And it involves unhappy users sitting in "carantine" clicking through to a landing page spoofing the White House itself and downloading the President's "NEW Coronavirus Guidelines for America."
These NEW guidelines are, of course, malware in the form of a file named "Information.doc." Although two engines on VirusTotal are currently flagging the file with what look to be heuristic detections of some sort, the file we received appears to be corrupt. (For that turn of events we would encourage one and all to give a couple of full-throated Bronx cheers in celebration of Murphy's Law.)
Once we manage to get our hands on version 3.0 of these "guidelines" and obtain a better picture of just what the bad guys are pushing, we'll update this blog post.
Until then, though, it would undoubtedly be a good idea to warn your users once again about the dangers of clicking through malicious links and attachments found in dodgy emails offering information or "guidelines" about the COVID-19 pandemic.
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your quote for KnowBe4's security awareness training and simulated phishing platform and find out how affordable this is!
