网络安全公司Proofpoint Inc.称，自1月底以来，提及冠状病毒的恶意电子邮件数量大幅增加。Proofpoint的高级主管德格里波(Sherrod DeGrippo)表示，该公司最近专门指派了一名分析师跟踪冠状病毒相关的网络威胁活动，而在此前与灾难或重大公共事件相关的黑客活动中，该公司从未这样做过。Proofpoint的分析师们发现，现在每一天都有很多邮件提到这种冠状病毒。
休斯顿R. McConnell Group PLLC律师事务所的创始人瑞安·麦康奈尔(Ryan McConnell)说，有关冠状病毒的信息的缺乏，以及大量相互矛盾的说法，为犯罪分子提供了一个机会。“这种冠状病毒风险更高，因为人们很害怕，所以它是诈骗的好工具。”
根据Proofpoint提供的屏幕截图，其中一封发给运输行业公司的电子邮件据称是来自世界卫生组织(World Health Organization)的一名工作人员。邮件中包括了世卫组织标识和如何监测船上船员的冠状病毒症状的说明，还包括一个附带说明的附件。
为对冲基金、投资银行和其他金融服务公司提供服务的网络安全公司Agio LLC的CEO麦克唐纳(Bart McDonough)表示，他曾见过冒充市政卫生部门向客户发送电子邮件，向企业提供有关病毒的信息。“坦率地说，美国疾病控制与预防中心和世界卫生组织的造假手段并不高明。我认为，随着疫情开始影响较富裕的国家，他们将提高自己的熟练程度。”
Criminals are using concerns about the coronavirus epidemic to spread infections of their own.
They are forging emails mentioning the outbreak that appear to be from business partners or public institutions in an effort to get users to open the messages, unleashing malware.
The number of malicious emails mentioning the coronavirus has increased significantly since the end of January, according to cybersecurity firm Proofpoint Inc., which is monitoring the activity. The company recently assigned an analyst to track coronavirus threats, something it hasn’t done for prior hacking campaigns related to disasters or major public events, said Sherrod DeGrippo, Proofpoint’s senior director of threat research and detection. Proofpoint analysts now see multiple email campaigns mentioning the coronavirus every workday.
“We don’t typically see events like that. Natural disasters are very localized; events like the Olympics come and go and I think something like the Olympics doesn’t get the clicks that a health scare would,” she said.
The dearth of information about the epidemic, along with plenty of conflicting claims, provides an opening for criminals, said Ryan McConnell, founder of R. McConnell Group PLLC, a law firm in Houston.
Email doctored to look like a company’s purchase order for face masks or other supplies could trick an employee into wiring payments to a fraudulent account, he said. Individuals could provide personal details in response to a phishing attempt that promises information about a company’s remote-work plan, he said.
“With the coronavirus, it’s a heightened risk because it’s a good vehicle for fraud and people are scared,” he said.
Russia-based cybersecurity company Kaspersky Lab said it had detected 403 users of its security products who were hit with about 500 coronavirus-related files. The company hasn’t determined how the malware was planted onto the devices, said Anton V. Ivanov, a malware analyst.
Japanese residents were among the first to be targeted in January and February, with emails purporting to be from regional health-care facilities. The messages contained legitimate contact information for key personnel, according to screenshots of emails and translations provided by the cybersecurity arm of International Business Machines Corp., which has been tracking the scams.
“It was very focused on enterprise users, and came in a message that would look like it’s a reply to something, or a warning that people are getting from the government. It could have been pretty effective at infecting company users,” said Limor Kessem, an executive security adviser at IBM Security who published findings on the campaign.
Attackers have sent emails containing about a dozen types of malware, according to Proofpoint’s analysis. Attacks mentioning the coronavirus are much more creative and sophisticated than typical spam, Ms. DeGrippo said.
subjectBe careful about criminals target companies using concerns about the coronavirus epidemic
Criminals are using concerns about the coronavirus epidemic to spread infections of their own. They are forging emails mentioning the outbreak that appear to be from business partners in an effort to get users to open the messages, unleashing malware.
They are even disguising themselves as WHO to steal money or sensitive information. If you are contacted by a person or organization that appears to be from WHO, verify their authenticity before responding.
Here are two helpful links/articles from WHO and The Wall Street Journal:
We will be very careful about this, especially for something important or related to payment, we will double-check or even triple-check for in order to make sure both of us are in a safe situation financially.
开发信中提到的2个链接都是非常权威且著名的网站（WHO官网 和 华尔街日报），所以他们在点击时也不会有太多的顾虑。