On February 1, 2016, the World Health Organization (WHO) declared a Public Health Emergency of International Concern (PHEIC) regarding the outbreak of Zika virus and all associated birth defects. Zika has been the determined cause of microcephaly, an abnormal smallness of the head, and other neurological disorders found in newborn infants born in Southern America, particularly in Brazil.

Inevitably, where you find tragedy, the sad truth of today is that there is likely someone trying to exploit it for their own agenda. These newsworthy events can lead to a perfect environment for cyber criminals to capitalize on and attack.

In Brazil, there have been reports of a malware campaign that is targeting citizens trying to educate themselves about the microcephaly. The attackers are imitating a Brazilian health and wellness website Saúde Curiousa (Curious Health) through a malicious spam email. The subject of the email attack which translated from Portuguese to English reads “Zika Virus! That’s Right, killing it with water!” This headline has undoubtedly caught the attention of recipients, and even uses content and images sourced from a genuine article on the Saúde Curiousa website. The email also includes links and attachments with tags like, “Eliminating Mosquito! Click Here!” and “Instructions to Follow! Download!”.  When faced with the perpetual fact that loved ones are susceptible to this awful virus, it can be easy for anyone to fall victim to attacks like these.

[i] Image retrieved from Symantec

The links in the malicious email lead to a URL shortening service called Bitly, which redirects the user to the file hosting service Dropbox. The file in the Dropbox and email have been identified as JS.Downloader, a known Trojan malware.  Once a user is infected with this Trojan, it will attempt to download additional malware onto the infected computer.

As this virus has begun to spread outside of continental South America, it is likely that the malware spam will spread with the geographical path of the virus. The best practices to follow for finding information about Zika, as well as any online searches SECURELY are to:

• Look to trusted news sources, both regionally and globally. For specific information on Zika, it’s best to visit the World Health Organization website.
• Always avoid clicking links and attachments not only in suspicious emails but on websites. Hover over the links to ensure that it is taking you where it says it will.
• If you are not already, run security software on your computer and ensure it’s up to date. Regularly check for any vendor updates or patches as well.

Connect with Secure Sense to protect data, your network, and systems 24/7, 365 days a year. If you have questions or want to learn more, please contact Secure Sense by calling 866-999-7506.

Follow us on LinkedIn and Twitter for current company and industry news.

[i] http://www.symantec.com/connect/blogs/zika-virus-outbreak-concerns-used-spread-malware