PSA: Terrible people are running a phishing campaign with fake Covid-19 stats

(Image credit: Pixabay (efes))

Security researchers at Microsoft say they have seen a "steady increase" in unsolicited email attachments containing malicious Excel 4.0 macros. It is part of a "massive campaign" to infect PCs with malware under the guise of providing current statistics related to Covid-19.

Phishing scams are nothing new by any stretch, but according to Microsoft (via ZDNet), this latest campaign only started around a week ago "and has so far used several hundreds of unique attachments."

"The emails purport to come from Johns Hopkins Center bearing 'WHO COVID-19 SITUATION REPORT'. The Excel files open w/ security warning & show a graph of supposed coronavirus cases in the US. If allowed to run, the malicious Excel 4.0 macro downloads & runs NetSupport Manager RAT," Microsoft stated on Twitter.

In general, Microsoft says the number of malicious Excel 4.0 macros used in malware campaigns was already on the rise before this latest campaign. Starting in April, however, they started to use Covid-19 as bait to lure in victims.

The hundreds of malicious Excel 4.0 macros used in this latest phishing campaign all connect to the same URL, which delivers a viral payload to the victim's PC. Once infected, an attacker can gain remote access to run commands on a system, and even install more malware.

In a separate Twitter thread, Microsoft detailed a different but similar "Trickbot" campaign. These phishing emails purport to offer a "personal coronavirus check" to fool victims into opening a malicious Excel attachment. According to Microsoft, this "remains one of the most common payloads in Covid-19 themed campaigns."

These are not the only ones, though. Last month, Trend Micro warned of several different types of malware masquerading as Covid-19 information, including one that makes a PC unbootable by overriding the master boot record.

Smart computing habits are still your best defense. These entail not downloading or opening unexpected email attachments, and typing URLs directly into your browser.

Still, now would be a good time to warn any less savvy family members and friends to be on the lookout for this sort of thing.

Paul Lilly

Paul has been playing PC games and raking his knuckles on computer hardware since the Commodore 64. He does not have any tattoos, but thinks it would be cool to get one that reads LOAD"*",8,1. In his off time, he rides motorcycles and wrestles alligators (only one of those is true).

Latest in Hardware
A woman wearing a VR headset with dramatic, colourful lighting across the background
'World’s smallest LEDs' could lead to accurately lit screens with 127,000 pixels per inch and much more immersive VR
The NES themed 8BitDo Retro mechanical gaming keyboard on a blue background
I love the 8BitDo Retro C64 keyboard but I'd pick its cheaper NES-themed model near its lowest price ever during Amazon's Big Spring Sale
The snazzy red and black HyperX Cloud Alpha wireless headphones float in a teal void. The microphone is attached to the headset.
The best wireless gaming headset is now even better in the Amazon Big Spring Sale, boasting a more than $50 discount
A chip being held up in an Intel fab
Intel is reportedly 'working to finalize commitments from Nvidia' as a foundry partner, suggesting gaming potential for the 18A node
Amazon box
Don't panic! The 'Do Not Send Voice Recordings' option Amazon just removed was only used by 0.03% of customers and they can still have it
Digital generated image of people surrounded by interactive transparent and glowing panels with data. Visualising smart technology, blockchain and artificial intelligence
Now I shall demand the cookies! Proposed new browsing agreement turns the tables and lets users dictate terms to websites
Latest in News
An Enshrouded player in a recreation of Erebor from The Lord of the Rings
Kings under the Mountain! 33 Enshrouded players spent 10,000 hours to recreate this iconic location from The Lord of the Rings
A mech awakens.
Mecha Break developer is considering unlocking all mechs following open beta feedback
Lara Croft Unified Art
Tomb Raider developer Crystal Dynamics lays off 17 employees 'to better align our current business needs and the studio's future success'
A long bendy arm stealing money from people in a subway car
'You're a very long arm. You steal things. It's a comedy game,' explains developer of comedy game where you steal things with a very long arm
The heroes are attacked by monsters
Pillars of Eternity is getting turn-based combat to mark its 10th anniversary, and that means PC Gamer editors will soon be arguing about combat mechanics again
Image of Ronaldo from Fatal Fury: City of the Wolves trailer
It doesn't really make sense that soccer star Ronaldo is now a Fatal Fury character, but if you follow the money you can see how it happened