During the past few weeks, there have been numerous reports of Ebola in the United States. It’s no surprise that some of these “cases” would be completely false and the result of a nationwide hysteria.
In the eyes of a hacker, this is the perfect opportunity to make an attack.
Latching onto the trending topic of Ebola, malicious internet users are able to lure frightened victims into their trap. Just yesterday, the online security firm Trustwave’s SpiderLabs published details of the scam. Most notably, the group of hackers masquerade themselves to be the World Health Organization. During times of health crisis, who ya gonna call? Not the Ghostbusters, but the World Health Organization. The email reads,
“The information and prevention listed in the attached file will help you and those around you stay safe. There is an outbreak of Ebola and other diseases around that you know nothing about. Download the World Health Organization file for more information on how to stay safe from Ebola and other preventable diseases. We care.”
You may be asking, “Well what happens if I download the file?” The answer to this question is quite unsettling. By downloading the file, the hackers are able to install the DarkComet Remote Access Trojan onto your computer, giving them access to private information. This includes access to logging key presses (every single button that you pressed on your keyboard), capturing video from webcams and stealing passwords. What’s worse is that this virus can remain undetected by antivirus software, according to SpiderLabs.
But here’s the good news: there’s no evidence of the internet virus being an epidemic. SpiderLabs claims that they have only seen one sample of the virus and have no reason to believe it will affect thousands of computers.
So now what?
The main lesson here to be learned is: watch what you’re clicking on. If a link is in the spam section of your email, it’s probably there for a reason. Avoid clicking links at all costs that lure you in with the topic of Ebola. As paranoid as it may sound, it’s a precaution that unfortunately must be taken. How are you going to distinguish between malicious hackers and the actual company giving actual tips? An indicator of which emails are infected is the time in which you receive the email. If you get an email about Ebola that just happens to be in your inbox during a time of Ebola hysteria, it’s most likely a scam. If you’ve never received emails from the company the hackers are claiming to be, it’s also most likely a scam. As stated earlier, hackers thrive on the fear of its victims. Stay safe and proceed with caution.