Coronavirus phishing attack disguises as a message from the Center for Disease Control

Coronavirus phishing attack disguises as a message from the Center for Disease Control









With the number of people infected by the Coronavirus increasing around the world, online criminals are showing more signs of exploiting public concern.


Security researchers at Kaspersky have identified as phishing campaign that poses as an email from the United States’ CDC (Centers of Disease Control).


The email’s subject line is certainly likely to catch the eye of many people, as it claims to be emergency information related to “Coronavirus outbreak in your city”:





Coronavirus phishing email. Source: Kaspersky

Casual examination of the email might make users believe they are reading an email seny by cdc.gov – the genuine internet domain of the Centers of Disease Control. However, the email hasn’t been sent from the CDC’s servers, but instead uses the lookalike address of cdc-gov.org.


And the link shown in the HTML email pretends to go to cdc.gov, but instead takes the unsuspecting user to a fake Microsoft Outlook login page that attempts to steal users’ email login credentials.





Outlook phishing page. Source: Kaspersky

The domain cdc-gov.org was first registered on January 31 2020, in an opportunist attempt by cybercriminals to exploit the Coronovirus outbreak for their own ends.





The researchers at Kaspersky also warn that they have seen a separate scam, using the slightly different domain cdcgov.org (registered on 2 February 2020).


In this instance, the emails are not being distributed to p ..

Support the originator by clicking the read the rest link below.