Cybercriminals Using Fear of Coronavirus to Steal Email Credentials

Last week security researchers with IBM X-Force and Kaspersky, leaders in cyber security, discovered that hackers are sending spam emails disguised as legitimate information about the Coronavirus. The emails actually contain malware that could infect desktop PCs and smartphones.

This week the scam has come to the United States. Researchers have found phishing emails from cybercriminals purporting to be from the Centers for Disease Control and Prevention and the World Health Organization and coming from “cdc-gov.org” instead of the CDC’s real domain which is “cdc.gov.” 

The emails claim to have important information on the Coronavirus.  They say that the CDC has established a management system to coordinate a domestic and international public health response and urges recipients to open a page that allegedly contains information about new cases of infection around their city.

Instead, the link takes them to a page that asks visitors to enter their login information. Once the information is entered, it is passed on to hackers who will then use it to access their email account. 

In another version of the emails, coming from the fake “cdc-gov.org,” include appeals for donations to help find a cure for the Coronavirus, even though the CDC does not take donations. 

According to Lisa Leach Goth, owner of Charles Leach Agency and a local agent specializing in cyber, “People need to be aware that hackers will use any means possible to gain access to your accounts, including a horrific virus that is killing people all over the world.”