Scare tactics are not new, because they are often effective. That is why Ebola phishing and malware attacks are becoming more and more widespread, as a result of the mass media paying increasing amounts of attention to this threat, and people being naturally curious and sometimes threatened.
Once interest in Ebola drops, there most likely will be another hot topic on people’s minds, and that would be the next opportunity for scam artists to craft phishing emails with new subjects.
What is Phishing?
A phishing attack is an event when an email contains links to websites that are infected with malware or other harmful software. Phishing is typically done through email spoofing or instant messaging. It often instructs users to perform further action, such as clicking on links, submitting forms or entering details at a fraudulent website that looks and feels legitimate, designed to fool the user into action.
The US-CERT has issued Ebola Phishing Scams and Malware Campaigns warning about these particular scam emails that take advantage of topics that are on everyone’s mind. They advise all users to keep an eye out for fake emails of this kind, in order to stay safe from malicious cyber operations.
How to handle scare tactic emails?
We recommend to double check anything you receive via email with links to pages and social media distributions related to Ebola, such as emailed warnings and internet alerts, news updates and possibly even videos. Remember, the only way to get news about this is straight from a reputable source. Also, do not fall for fraudulent “charities” that solicit online donations for Ebola victims. Verify the site is legitimate before you donate anything.
We encourage everyone to be vigilant and use caution when encountering these types of email messages and take the following preventative measures to protect themselves.
- As a general rule, do not click to follow unsolicited web links or attachments in email messages.
- If you are unsure of an email request being valid and legitimate, try to verify it by contacting the source directly.
- You can also try to see if questionable email is part of recent phishing attacks by checking with Anti-Phishing Working Group.
- Make sure to Maintain up-to-date antivirus software.
- Scan attachments prior to opening them.