[外贸人请注意] 一波黑客正在以新冠肺炎疫情COVID-19/Coronavirus名义实施邮件/开发信诈骗,附带提醒客户的邮件模板
新冠肺炎疫情开始被黑客盯上了
在下面这篇文章来自澎湃新闻,对于外贸人来说邮件/开发信是经常使用的沟通渠道,所以红板砖再次提醒大家注意。
另外,你可以考虑把下面的英文内容或链接发给你正在接触或交易的客户,也善意地提醒他们注意,避免造成损失。【开发信模板在页面底部】
3月5日,据《华尔街日报》报道,目前有一波犯罪分子利用人们对新冠病毒肺炎流行的担忧,来传播病毒或者从事诈骗活动。
网络安全公司Proofpoint Inc.称,自1月底以来,提及冠状病毒的恶意电子邮件数量大幅增加。Proofpoint的高级主管德格里波(Sherrod DeGrippo)表示,该公司最近专门指派了一名分析师跟踪冠状病毒相关的网络威胁活动,而在此前与灾难或重大公共事件相关的黑客活动中,该公司从未这样做过。Proofpoint的分析师们发现,现在每一天都有很多邮件提到这种冠状病毒。
据报道,这些黑客伪造了一些看似来自商业伙伴或公共机构的电子邮件。内容看起来像是公司订购口罩或其他用品的订单,诱使收到邮件的员工将钱款电汇到一个欺诈账户。
休斯顿R. McConnell Group PLLC律师事务所的创始人瑞安·麦康奈尔(Ryan McConnell)说,有关冠状病毒的信息的缺乏,以及大量相互矛盾的说法,为犯罪分子提供了一个机会。“这种冠状病毒风险更高,因为人们很害怕,所以它是诈骗的好工具。”
总部位于俄罗斯的网络安全公司卡巴斯基实验室(Kaspersky Lab)近日表示,该公司检测到使用其安全产品的403名用户被2673个与冠状病毒相关的文件攻击。恶意软件分析师安东·v·伊万诺夫(Anton V. Ivanov)说,公司尚未确定恶意软件是如何植入设备的。
日本居民在今年1月和2月成为攻击目标的首批人群之一,他们收到了据称来自地方医疗机构的电子邮件。IBM网络安全部门提供的电子邮件截图和翻译显示,这些邮件中包含了关键人员的合法联系信息。IBM公司一直在跟踪这些欺诈行为。这些邮件被包装成了像是对某事的回复,或者政府对公众的警告,而实际上其中包含着电脑病毒。
根据Proofpoint的分析,攻击者已经发送了包含大约12种恶意软件的电子邮件。德格里波说,提到冠状病毒的恶意邮件比一般的垃圾邮件更有创意、更复杂。
根据Proofpoint提供的屏幕截图,其中一封发给运输行业公司的电子邮件据称是来自世界卫生组织(World Health Organization)的一名工作人员。邮件中包括了世卫组织标识和如何监测船上船员的冠状病毒症状的说明,还包括一个附带说明的附件。
目前世界卫生组织已经注意到有类似的不法行为的发生。该机构在其官网上发布了关于冠状病毒邮件诈骗的警告,并要求受害者报告收到的电子邮件。该机构的一位女发言人通过邮件向《华尔街日报》表示,WHO几乎每天都收到有关提到冠状病毒的钓鱼软件的反馈。但她并未透露具体的数字。
IBM的执行安全顾问利莫·凯瑟姆认为,公共卫生危机中的沟通方式也为网络钓鱼提供了便利,因为大多数大公司和市政当局都严重依赖电子邮件来传达与疫情有关的政策,以及他们处理可能接触过病毒的人的计划。
为对冲基金、投资银行和其他金融服务公司提供服务的网络安全公司Agio LLC的CEO麦克唐纳(Bart McDonough)表示,他曾见过冒充市政卫生部门向客户发送电子邮件,向企业提供有关病毒的信息。“坦率地说,美国疾病控制与预防中心和世界卫生组织的造假手段并不高明。我认为,随着疫情开始影响较富裕的国家,他们将提高自己的熟练程度。”
华尔街日报原文:https://www.wsj.com/articles/hackers-target-companies-with-fake-coronavirus-warnings-11583267812
Criminals are using concerns about the coronavirus epidemic to spread infections of their own.
They are forging emails mentioning the outbreak that appear to be from business partners or public institutions in an effort to get users to open the messages, unleashing malware.
The number of malicious emails mentioning the coronavirus has increased significantly since the end of January, according to cybersecurity firm Proofpoint Inc., which is monitoring the activity. The company recently assigned an analyst to track coronavirus threats, something it hasn’t done for prior hacking campaigns related to disasters or major public events, said Sherrod DeGrippo, Proofpoint’s senior director of threat research and detection. Proofpoint analysts now see multiple email campaigns mentioning the coronavirus every workday.
“We don’t typically see events like that. Natural disasters are very localized; events like the Olympics come and go and I think something like the Olympics doesn’t get the clicks that a health scare would,” she said.
The dearth of information about the epidemic, along with plenty of conflicting claims, provides an opening for criminals, said Ryan McConnell, founder of R. McConnell Group PLLC, a law firm in Houston.
Email doctored to look like a company’s purchase order for face masks or other supplies could trick an employee into wiring payments to a fraudulent account, he said. Individuals could provide personal details in response to a phishing attempt that promises information about a company’s remote-work plan, he said.
“With the coronavirus, it’s a heightened risk because it’s a good vehicle for fraud and people are scared,” he said.
Russia-based cybersecurity company Kaspersky Lab said it had detected 403 users of its security products who were hit with about 500 coronavirus-related files. The company hasn’t determined how the malware was planted onto the devices, said Anton V. Ivanov, a malware analyst.
Japanese residents were among the first to be targeted in January and February, with emails purporting to be from regional health-care facilities. The messages contained legitimate contact information for key personnel, according to screenshots of emails and translations provided by the cybersecurity arm of International Business Machines Corp., which has been tracking the scams.
“It was very focused on enterprise users, and came in a message that would look like it’s a reply to something, or a warning that people are getting from the government. It could have been pretty effective at infecting company users,” said Limor Kessem, an executive security adviser at IBM Security who published findings on the campaign.
Attackers have sent emails containing about a dozen types of malware, according to Proofpoint’s analysis. Attacks mentioning the coronavirus are much more creative and sophisticated than typical spam, Ms. DeGrippo said.
最后,你还可以访问红板砖的疫情专题页面获取更多也用于外贸开发信的资源。
在新冠肺炎疫情/COVID-19/Coronavirus期间,可以利用这个外贸开发信模板给老客户或者正在沟通的客户做一个提醒:其一这是个专业且体贴的维护客户关系的行动,其二站在客户的角度这个提醒也是很必要的。
开发信中提到的2个链接都是非常权威且著名的网站(WHO官网 和 华尔街日报),所以他们在点击时也不会有太多的顾虑。