The virus within the virus (Covid-19)

The world of cybercrime is unscrupulous, we know that by now, and the ability to exploit any opportunity to infect or steal information from users is implemented without restraint. Among the latest stories of ordinary madness are attempts to exploit the fear of coronavirus to infect with malware those seeking information online about the now infamous Chinese Covid-19 virus. Numerous malicious files posing as documents related to the coronavirus, containing information on how to protect oneself and how to detect it, have been spotted online. On the surface, the files look like simple pdfs, mp4s and docs, but in reality, according to Kaspersky labs that produced the report, they contain a variety of malware including Trojans and worms capable of compromising, blocking, modifying or copying data. Acronis Laboratories also reports, in a recent report, a number of attacks carried out through phishing emails containing information on how to protect yourself from the disease, but which actually contain malware with web links or attachments. Even Italy is unfortunately not immune to these contagion attempts. One of the news items that has caused the most stir is a phishing attack on academia, which takes the form of letter signed by the rector of the University of Milan. The sender of the email is a fake University of Bologna. These emails with the subject line “Update on Coronavirus(2019-nCov)” were sent to some universities with the aim of making recipients open an attachment with in-depth content. Once the file is selected, the hackers direct users to a window inviting them to make use of a Microsoft PDF reader. Clicking the link takes them to the actual phishing site, recreated with Microsoft’s own logo. Simply selecting “Download File” activates a credential request form designed to steal university account data.

The insidiousness in entertainment

But malware can be hidden anywhere, even in songs. In recent months there has been a nearly 40 percent increase in malicious attacks carried out through music tracks and videos, in most cases illegally downloaded. Hackers exploit the popularity of famous artists to hide in the fake song, viruses and other threats. Finally, one last warning: with the arrival of the summer season, attacks are expected via phishing emails that direct to fake sites containing holiday-related scams: with offers for bookings that have the sole purpose of stealing personal data and credit card credentials. Popular brands are often used as bait, so if you receive particularly advantageous offers, before providing personal data or following suspicious links, better to check the official site and make any purchases directly from that page. These cases indicate once again how necessary it is to be careful, it may seem trivial to repeat it, but when we look for information on the net we browse safe sites, and when we receive emails we pay attention to their content, do not click on links to unknown sites and above all do not open attachments of dubious origin.