Recently, security experts discovered a phishing attack tactic that impersonates President Donald Trump and Vice President Mike Pence.
According to BleepingComputer, email security firm Inky discovered the phishing emails, which purport to provide coronavirus guidelines. Instead, clicking on the attached documents releases a malware payload or ransomware. Other similar emails pretend the President or Vice President extorting the victim with a threat of exposing their company’s activities as criminal (such as involved in human trafficking).
We spoke to two cybersecurity experts for more information and perspectives on phishing attacks that impersonates the President and Vice President.
Experts Comment on Attacks Impersonating the White House
Chris Clements is VP of Solutions Architecture at Cerberus Sentinel
“Scammers take advantage of any newsworthy opportunity they can to hook new victims. We’ve been seeing a mass “re-branding” of phishing and malware campaigns to COVID-19. The attacks and malware are the same but the email lures are co-opting messaging around the pandemic by impersonating well-known authorities such as the White House, CDC, and WHO. Now more than ever consumers should utilize “trusted paths” such as going to those organizations’ websites directly rather than clicking a link or opening an attachment in an email to access important information about the pandemic.”
Erich Kron is Security Awareness Advocate at KnowBe4
“Attackers are shameless in the tricks they’ll use during a time like this. The White House instructions attack relies on the fact that there is published guidance from the White House and the fact that this entire situation has been quickly evolving. People do not want to miss out on the latest guidance. Just like in other social engineering attacks, this one relies on emotions and the fear, uncertainty and doubt that people are experiencing to be effective.
“In the case of the emails purportedly sent from Mike Pence to business owners, this is also an attack on emotions, as many business owners are currently under stress either because their sales are down, or in some cases because they are more busy than they ever have been depending on the industry. Businesses are currently facing challenges they’ve never faced before including restaurants switching to curbside only service, many places having to close or at the very least, send their workers home to work. A letter such as this can add immeasurable stress during an already stressful time.”
“While in both of these cases, there are glaring grammar and spelling errors, when placed under stress, people may not notice these. This is why it’s so important whenever an email, text message, or even phone call causes an emotional response, to step back for a moment, take a breath and look very critically at the situation. Attackers use our emotions to bypass critical thinking.”
“People need to be cautious any time they receive an unsolicited email, check the “Reply To” address to make sure it’s legitimately coming from who it says it is and be extremely cautious when opening any attached documents or other files when you aren’t expecting them. If you do open an attachment, do not enable editing, content, or macros.”
“Because these attacks are becoming so prevalent right now, it has never been more important for individuals or employees to be trained on how to spot phishing emails or malicious text messages.”
How to Learn More
Thanks to the experts for their time and expertise on the phishing attack that impersonates the President and Vice President. For more, take a look at our SIEM Buyer’s Guide.
Latest posts by Ben Canner (see all)
- Revisiting Whether SOAR Will Replace SIEM in Business Cybersecurity - May 29, 2020
- Changing SIEM From Reactive to Proactive with Threat Hunting - May 27, 2020
- Top-Down SIEM: An Interview with Avi Chesla of Empow - May 21, 2020