Do Not Click on That Ebola Vaccine Ad
wk1003mike/Shutterstock.com
DHS issues alert on contagion-inspired phishing schemes and online fraud.
The Department of Homeland Security has issued a warning about Ebola-inspired online fraud, as it often does when national crises become phishing bait.
DHS U.S. Computer Emergency Readiness Team “reminds users to protect against email scams and cyber campaigns using the Ebola virus disease (EVD) as a theme,” states an alert issued Thursday evening.
“Phishing emails may contain links that direct users to websites which collect personal information such as login credentials, or contain malicious attachments that can infect a system,” the notice adds.
The warning does not provide examples.
But SANS Technology Institute researcher Johannes B. Ullrich, who monitors malicious activity on the Web, says so far, he has seen a couple of spam emails peddling Ebola disaster supplies.
One scam-mail he forwarded to Nextgov states:
After the second person was confirmed dead yesterday, civilian crisis protocol is available below.
www[dot]security/crisis/required-protocol/US/72345734
In the event of a local crisis, we ask that you please remain calm. Please follow guidelines as they are delivered.
If recipients click on the link, they ultimately are directed to familysurvival[dot]com, Ullrich said. Visiting the site is not recommended, as it might contain spyware, key-loggers or other malicious downloads.
Nor is it wise to click on ads hawking an Ebola vaccine.
Similar fraud followed the downing of MH17 and the assassination of Osama bin Laden, which used footage of a Russian missile hitting the jet and images of a gory terrorist mastermind, respectively.
DHS officials in Thursday’s alert advised taking the following steps to immunize against Ebola-related hoaxes:
• Do not follow unsolicited Web links or attachments in email messages.
• Maintain up-to-date antivirus software.
• Refer to the Using Caution with Email Attachments Cyber Security Tip for information on safely handling email attachments.
• Refer to the Avoiding Social Engineering and Phishing Attacks Cyber Security Tip for information on social engineering attacks.
(Image via wk1003mike/Shutterstock.com)
NEXT STORY: Information sharing: Are we safer?