silversurfer

Level 61
Verified
Trusted
Content Creator
Malware Hunter
A new phishing campaign has been spotted that pretends to be from a local hospital telling the recipient that they have been exposed to the Coronavirus and that they need to be tested.

With the Coronavirus pandemic affecting all corners of the world, we continue to see phishing actors try to take advantage of the fear and anxiety it is provoking to scare people into opening malicious email attachments.

In a new low, a threat actor is pretending to be from a local hospital telling the recipient that they have been in contact with a colleague, friend, or family member who has tested positive for the COVID-19 virus.

The email then tells the recipient to print the attached EmergencyContact.xlsm attachment and bring it with them to the nearest emergency clinic for testing.
Coronavirus-themed phishing email

Coronavirus-themed phishing email
 

silversurfer

Level 61
Verified
Trusted
Content Creator
Malware Hunter
Is the virus total a link to what someone would see if they had scanned the e-mail?
NO, it's only VT link for the payload malware (.exe), that will be delivered only if you click to open the document, then click to enable content.

Your AV may is able to scan the Email, there scanning the malicious attachment as document (.xlsm)
When a user opens the attachment. they will be prompted to 'Enable Content' to view the protected document.

Malicious attachment

Malicious attachment
 
Last edited:
Top