Hackers Dropping Malware in Fake “terror alert” Emails

An email with a “terror alert” seems to be a new way of launching phishing attack and dropping malware from cyber criminals. People from several different parts of the world have reported such kind of attacks.

According to the sources, people from countries like Canada, Dubai, Bahrain and Turkey have received emails notifying them of terror alerts in their business area. With that, it advises people reading the mail to keep them, their families and company secured.

The emails have two attachments which according to the content in the mail is a brief on measures reader must take in order to remain secured. The first attachment is in reality what the mail states but the second attachment is a “Trojan” to attack user’s PC.

What makes the mail looks to be coming from an original source are the signatures from local law enforcement agency’s officials. Symantec Security provided more details for the attack in a web post which stated: 

“Interestingly enough, despite not being entirely written in the countries’ respective official languages, the emails are pretty crafty. All officials used in the cyber criminals’ scheme are currently in office. The subject in most cases reflects the name of an employee who works for the targeted company. All these details show that the crooks did some research before sending these phishing emails. If they do not have any employee information, then they would email other targets in the company that could provide them an entry point, such as customer service representatives or IT department personnel”.

But, not everyone has to be worried about the attacks because they are mostly targeted for specific people whose information is researched quite thoroughly by the criminals. Here is how the emails look like:

EXAMPLE:

using-terrorism-for-profit-hackers-dropping-malware-in-fake-terror-alert-email
Screenshot shows a fake email sent by Dubai Police / Image Source: Symantec

 

using-terrorism-for-profit-hackers-dropping-malware-in-fake-terror-alert-email-2
Screenshot shows a fake email sent by the Canadian Police / Image Source: Symantec

This is not the first time when cyber criminals have used current affairs related issues to hack innocent users. In the past, the scammers took advantage of the heartbreaking incident of missing Malaysian plane flight number MH370 to spam users with malicious links on social media. 

SourceSymantec
 

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.