This article was published on March 10, 2020

That unexpected ‘HIV test result’ email you just got is probably a scam

Don't open it!


That unexpected ‘HIV test result’ email you just got is probably a scam

Don’t panic! That unexpected email about an HIV test result you got is probably just an attempt to trick you into downloading malware designed to steal your personal credentials and financial info.

Researchers from security firm Proofpoint have spotted a new phishing campaign which sends out fake HIV test results to lure recipients into loading a malicious Microsoft Excel file. To seem more credible, the attackers also pose as the Vanderbilt University Medical Center.

Ironically, the campaign spells Vanderbilt wrong (“Vanderbit”).

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

[Read: Scientists need your computing power to find a cure for coronavirus]

Once downloaded the infected Excel document asks users to enable macros, which “allows the actor [to install another piece of malware] to take complete control over a user’s system.”

It remains unclear how widely spread the campaign is, but Proofpoint describes it as a “low volume” attempt. It mostly targeted “global insurance, healthcare, and pharmaceutical organizations.”

We encourage users to treat health-related emails with caution, especially those that claim to have sensitive health-related information,” the researchers warn. “Sensitive health-related information is typically safely transmitted using secured messaging portals, over the phone, or in-person.”

“If you receive an email that claims to have sensitive health-related information, don’t open the attachments,” Proofpoint warns. “Instead, visit your medical provider’s patient portal directly, call your doctor, or make an appointment to directly confirm any medical diagnosis or test results.”

Exploiting health scares to hack into people’s accounts is hardly a new tactic for scammers.

More recently, researchers from Check Point found that coronavirus-themed domains are 50% more likely to infect your system with malware than any other domains.

via CyberScoop

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with