Unsurprisingly, cyber criminals are using the Zika virus to their advantage
The Zika virus has been all over the news lately and people are treating it as if it is something new. In fact, the virus named for the Zika Forest in Uganda, was first discovered way back in 1947. During the time since then, it was isolated to a narrow region near the equator, but several years ago it began to spread, jumping to south Pacific islands and finally landing in Mexico and South America.
Of course, anytime something is making news and playing to people's fears then there are at least two sectors you can count on to try and latch onto it – the media and cyber criminals. Three if you care to lump in politicians, four if you include recent statements from the Pope.
We aren't getting into religion and politics though, it's the thieves we're concerned with. We'll just stick with the disease as it applies to technology and, perhaps not shockingly, the cyber criminals are all over this outbreak, attempting to fear-monger their way into people's lives.
The result is a flood of emails with malicious attachments. According to researchers at Symantec, "The malicious spam email claims to be from Saúde Curiosa (Curious Health), a health and wellness website in Brazil. The subject of the email says, 'ZIKA VIRUS! ISSO MESMO, MATANDO COM ÁGUA!' which translates to: 'Zika Virus! That's Right, killing it with water!' The email itself uses imagery and text taken from a real article on Saúde Curiosa, but includes buttons and attachments to try to capture the recipient’s attention, such as 'Eliminating Mosquito! Click Here!' and Instructions To Follow! Download'."
The result, if you follow this, is a Bitly link that sends you off to a Dropbox location from whence the malicious file is downloaded. In the end, you have installed JS Downloader, a malware program that proceeds to welcome others to the party.
As Symantec points out, "Newsworthy events on a regional or global level often provide fertile ground for cybercriminals seeking to capitalize on the interest in these events. In this case, the Zika virus’ impact in countries like Brazil is being leveraged, while the potential impact in other countries make it a prime candidate for more malicious spam".
Now you don't just have to watch out for mosquitoes, but also emails.