On February 1, 2016, the World Health Organization (WHO) declared a Public Health Emergency of International Concern (PHEIC) regarding the outbreak of Zika virus and all associated birth defects. Zika has been the determined cause of microcephaly, an abnormal smallness of the head, and other neurological disorders found in newborn infants born in Southern America, particularly in Brazil.
Inevitably, where you find tragedy, the sad truth of today is that there is likely someone trying to exploit it for their own agenda. These newsworthy events can lead to a perfect environment for cyber criminals to capitalize on and attack.
In Brazil, there have been reports of a malware campaign that is targeting citizens trying to educate themselves about the microcephaly. The attackers are imitating a Brazilian health and wellness website Saúde Curiousa (Curious Health) through a malicious spam email. The subject of the email attack which translated from Portuguese to English reads “Zika Virus! That’s Right, killing it with water!” This headline has undoubtedly caught the attention of recipients, and even uses content and images sourced from a genuine article on the Saúde Curiousa website. The email also includes links and attachments with tags like, “Eliminating Mosquito! Click Here!” and “Instructions to Follow! Download!”. When faced with the perpetual fact that loved ones are susceptible to this awful virus, it can be easy for anyone to fall victim to attacks like these.
[i] Image retrieved from Symantec
The links in the malicious email lead to a URL shortening service called Bitly, which redirects the user to the file hosting service Dropbox. The file in the Dropbox and email have been identified as JS.Downloader, a known Trojan malware. Once a user is infected with this Trojan, it will attempt to download additional malware onto the infected computer.
As this virus has begun to spread outside of continental South America, it is likely that the malware spam will spread with the geographical path of the virus. The best practices to follow for finding information about Zika, as well as any online searches SECURELY are to:
Connect with Secure Sense to protect data, your network, and systems 24/7, 365 days a year. If you have questions or want to learn more, please contact Secure Sense by calling 866-999-7506.