The United States Computer Emergency Readiness Team (US-CERT) has issued an advisory alerting users of email scams and cyber campaigns using the highly-publicized Ebola virus disease as phishing bait.
“Phishing emails may contain links that direct users to websites which collect personal information, such as login credentials, or contain malicious attachments that can infect a system,” read the advisory.
Ken Westin, Tripwire security researcher, said its not uncommon for cyber criminals to leverage current events as a tactic to social engineer people into clicking links and downloading malicious files.
“Fear is a powerful emotion and one often leveraged by savvy cyber criminals, as fear and other strong emotions clouds people’s judgement and increases the likelihood of a successful phishing attack,” said Westin.
US-CERT recommends users remain cautious when encountering suspicious emails or messages and follow these preventive measures:
- Do not follow unsolicited web links or attachments in email messages
- Maintain your antivirus software up-to-date
- Refer to the Using Caution with Email Attachments Cyber Security Tip for information on safely handling email attachments.
- Refer to the Avoiding Social Engineering and Phishing Attacks Cyber Security Tip for information on social engineering attacks.