Phishing Attack
Current Affairs / General / Technology

North Korean Hackers Are Using Phishing To Target 5 Million Users

CYFIRMA Researchers found out that North Korean Operatives Lazarus Group has planned to target 5 Million users using COVID 19 related phishing. Group is targeting individual and businesses across 6 countries and multiple continents.

How Hackers Are Targeting?

Hackers send you phishing emails by using fake email ids representing local government emails. They will ask you to share your full details to get COVID 19 tests for free or to credit amount in your bank.

CYFIRMA has observed that hackers are planning to spoof or create fake email IDs impersonating various authorities. These are some of the emails discussed in their phishing campaign plan:

  • covid19notice@usda.gov
  • ccff-applications@bankofengland.co.uk
  • covid-support@mom.gov.sg
  • covid-support@mof.go.jp
  • ncov2019@gov.in
  • fppr@korea.kr

Below are the planned dates of the attacks as per the researchers.

Country NameCampaign Launch DateTarget
USA20-Jun-20Individuals
UK20-Jun-20Businesses
Japan20-Jun-20Individuals
India21-Jun-20Individuals
Singapore21-Jun-20Businesses
South Korea21-Jun-20Individuals
Attack Planned Dates

Hackers claimed to have millions of email ids of individuals and businesses. The plan is to send a spoof email representing a government organization and gather business and personal information. They will ask you to share your details to credit money or provide free offers. Do not click on any links from these type of emails.

How To Avoid Phishing and Data Loss

  • Don’t click on any link even if it shared by someone you know through emails. Go to the website directly after logging out of the email account.
  • Don’t open attachments from unknown senders.
  • Don’t download files with extensions like exe,pif,tmp,url,vb,vbe,scr,reg,cer,pst,cmd,com,bat,dll,dat,hlp,hta,js,wsf.
  • Check the sender email id and senders email domain before acting on emails.
  • Don’t sign in on any links that are shared in emails with your credentials. Check if URL is original or not by visiting the original website directly.
  • Report any unusual emails to incident@cert-in.org.in (India) along with email headers (email properties).
7 Top Positive Personality: How to Tell if You’re Thriving 10 Reasons Why Those Who Walk Alone Have the Strongest Direction 12 Signs You Should NOT Trust Someone 11 Things Women Want You to Do but Won’t Tell You 9 Negative Character Traits Often Disguised as Good Qualities 11 Things Introverts Secretly Love 6 Things, What Men Really Want: What Makes Them Fall in Love 10 Choices You Will Regret in 10 Years. 12 Most Common Relationship Problems for Break Up 10 Things High Functioning Anxiety Makes You Do
7 Top Positive Personality: How to Tell if You’re Thriving 10 Reasons Why Those Who Walk Alone Have the Strongest Direction 12 Signs You Should NOT Trust Someone 11 Things Women Want You to Do but Won’t Tell You 9 Negative Character Traits Often Disguised as Good Qualities 11 Things Introverts Secretly Love 6 Things, What Men Really Want: What Makes Them Fall in Love 10 Choices You Will Regret in 10 Years. 12 Most Common Relationship Problems for Break Up 10 Things High Functioning Anxiety Makes You Do