News
Sophos identifies Coronavirus “safety measures” scam email, lists measures to avoid it
BY: Sandra Ani
Cybercrooks love a crisis, because it gives them a believable reason to contact you with a phishing scam, Sophos has said, as it alerts individuals and businesses on the Coronavirus “safety measures” email is a phishing scam.
Sophos evolves to meet every new challenge, protecting more than 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyber threats.
Powered by SophosLabs, its cloud-native and AI-enhanced solutions are able to adapt and evolve to secure endpoints and networks against never-before-seen cybercriminal tactics and techniques.
Sophos Security Team reported of the current scam that uses the coronavirus to lure unsuspecting businesses and people with the email which carries the logo of the World Health Organization and states:
.Go through the attached document on safety measures regarding the spreading of corona virus.
.Click on the button below to download
.Symptoms common symptoms include fever, coughcshortness of breath and breathing difficulties.
Sophos said that fortunately, at least for fluent speakers of English, the criminals have made numerous spelling and grammatical mistakes that act as warning signs that this is not what it seems.
“The link you’re asked to click on is similarly, and fortunately, dubious.
“Firstly, it seems to be a compromised music site with a weird name that doesn’t have any obvious connection to any well-known health organisation; secondly, it is an HTTP site, not an HTTPS site, which is sufficiently unusual these days to be suspicious in its own right.
“Nevertheless, the scam page itself is incredibly simple – it can’t have taken the crooks more than a few minutes to put together – and visually effective.
“The fake page consists of the official, current home page of the World Health Organisation (WHO) with an unassuming popup form on top of it.
“It doesn’t just look like the WHO’s page in the background, it is the WHO’s page, rendered in a frame that’s embedded in the fake site:
“You can see why someone who’s nervous about the coronavirus issue, or who has friends and family in the main areas of infection, or who wants to do the right thing by learning more about preventing the spread of the disease…
“…might fill in the form, perhaps because they are feeling pressurised by (or not thinking clearly because of) the subject matter.
“Indeed, many companies have already sent emails to their staff to offer advice, so reading additional information that is allegedly from the WHO sounds like a sensible and responsible thing to do.
“Of course, if you put in your email address or your password and click through, you’ll be submitting the filled-in web form to the crooks.
“Worse still, you’ll be submitting it over an unencrypted connection.
“So anyone else on the same network as you, for example in your hotel lobby or the coffee shop, could potentially capture your network traffic and see the username and password you just put in.
“Once you’ve clicked the [Verify] button, the crooks simply redirect you to the real WHO site at who DOT int, which looks just like the previous page you were on, minus the popup form…
“…with the rather obvious exception that the address bar now looks (and is) correct, displaying the genuine WHO website name, showing a padlock and – if you click through and view the web certificate – a certificate that shows up as issued to the WHO itself.
Sophos also offered measures on what to do about it:
Never let yourself feel pressured into clicking a link in an email. Most importantly, don’t act on advice you didn’t ask for and weren’t expecting. If you are genuinely seeking advice about the coronavirus, do your own research and make your own choice about where to look.
Don’t be taken in by the sender’s name. This scam says it’s from “World Health Organization”, but the sender can put any name they like in the From: field.
Look out for spelling and grammatical errors. Not all crooks make mistakes, but many do. Take the extra time to review messages for telltale signs that they’re fraudulent – it’s bad enough to get scammed at all without realising afterwards that you could have spotted the fraud up front.
Check the URL before you type it in or click a link. If the website you’re being sent to doesn’t look right, stay clear. Do your own research and make your own choice about where to look.
Never enter data that a website shouldn’t be asking for. There is no reason for a health awareness web page to ask for your email address, let alone your password. If in doubt, don’t give it out.
If you realise you just revealed your password to imposters, change it as soon as you can. The crooks who run phishing sites typically try out stolen passwords immediately (this process can often be done automatically), so the sooner you react, the more likely you will beat them to it.
Never use the same password on more than one site. Once crooks have a password, they will usually try it on every website where you might have an account, to see if they can get lucky.
Turn on two-factor authentication (2FA) if you can. Those six-digit codes that you receive on your phone or generate via an app are a minor inconvenience to you, but are usually a huge barrier for the crooks, because just knowing your password alone is not enough.
…Says MOD has the infrastructure to make both systems work effectively
The Permanent Secretary, Ministry of Defence Dr. Ibrahim Abubakar Kana, has inaugurated the Project Steering Committee and Project Implementation Technical Team for the Performance Management System (PMS) and the Enterprise Content Management of the Ministry of Defence with a charge on the members of both Committees to make the Ministry shine.
Inaugurating the committee at the Ship house, Abuja, the Permanent Secretary said that the Ministry of Defence has the infrastructure and human resources that are experts to drive the process to success. “We have experts in the Ministry that can drive the process. We have Directors and Deputy- Directors from different departments who are experts and can help in cascading the processes down to other staff of the Ministry,” he said.
He therefore called on the Ministry’s Performance Management System (PMS) Champions to demonstrate unwavering commitment and excellence in driving service delivery and achieving set targets in line with the ministry’s mandate towards fulfilling the renewed hope agenda.
While he acknowledged that there might be initial hiccups, he charged the PMS Champions to be resilient in overcoming the initial challenges that may arise with the programme’s rollout and re-emphasized the need for a continuous training. “In MOD, training is not going to be an issue. We can afford to be organizing training on PMS and ECM every week.
Furthermore, Dr. Kana said that the PMS and ECM Champions are expected to lead the charge towards ensuring efficiency, productivity, and accountability across the Ministry, with the ultimate goal of achieving total compliance with government performance standards.
… in line with Renewed Hope Agenda
The Honourable Minister of Defence, H. E. Mohammed Badaru Abubakar, has urged the graduating students of Army War College Course 8/2024 to uphold national security in line with the Renewed Hope Agenda of President Bola Ahmed Tinubu GCFR.
The Minister made the call during the graduation ceremony for the participants of Army War College Nigeria Course 8/2024 at Army War College, Abuja.
The ceremony is a celebration of the achievements of the graduates who completed 35 weeks of rigorous training in national security, military strategy, and operational art.
In his keynote address, the Minister who was the Special Guest of Honour commended the graduates for their dedication and perseverance throughout the course, emphasizing the significance of their newly acquired skills in leadership and strategic thinking.
He said: “It is a great honour to stand before you today at the graduation ceremony for the participants of Army War College Course 8/2024, I am privileged to celebrate the remarkable achievements of our graduates. Your journey to this moment involved 35 weeks of rigorous training, intellectual stimulation and growth, as well as personal sacrifice. Today is a testament to your resilience and commitment to excellence.”
Addressing the graduates on their future responsibilities, the Minister highlighted the importance of their roles as operational and strategic leaders in Nigeria’s Armed Forces. “Today’s graduation marks your gradual transformation from tactical into operational and strategic level leaders. Leadership is the cornerstone of military service, extending beyond mere orders to inspiring and guiding others towards a common goal. As graduates of the Army War College Nigeria, you are now equipped with the tools that will enable you to lead and navigate the geostrategic landscape,” he opined.
The Minister encouraged the graduates to lead with integrity, courage, and compassion, reminding them of their pivotal role in addressing complex and ambiguous challenges:
“Gentlemen, the world is constantly evolving and the challenges we face are increasingly complex and ambiguous. As officers skilled in operational-level planning, you will encounter uncertain and often perilous situations. I thus encourage you to embrace these challenges with confidence, aptitude, and determination.”
Furthermore, Badaru extended his gratitude to President Bola Ahmed Tinubu, GCFR for his support to the Nigerian Military and also acknowledged the sacrifices of the Chief of Army Staff, the College Governing Board, the Commandant, Faculty members, and families of the graduates.
He congratulated the graduates of the Army War College Course 8/2024, saying “Your future is bright, and I have no doubt that you will all serve our nation with distinction.”
News
APRA Decries Terror Attack in Burkina Faso
… Spread of mpox in DRC and the frightening flooding in Sudan
The African Public Relations Association (APRA) has condemned the recent terror attack in the Burkinabe town of Barsalogho in the Sanmatenga Province of the Republic, which has killed so many people and injured scores of persons.
In a statement on Friday, signed by Dr. Omoniyi Ibietan, secretary-general, APRA, the body said it is greatly concerned about the increasing terror attacks in Burkina Faso and in other parts of Africa.
“The umbrella body of practitioners and professionals of public relations in Africa hereby calls for the cessation of all forms of attacks, especially on unarmed people. We call for dialogue as a more civil approach to resolving conflicts instead of violent attacks leading to destruction and catastrophic outcomes that leave the continent more devastated.
“We are gravely disturbed by this recent attack in Burkina Faso, coming on the heels of the death of over 500 persons due to mpox scourge caused by the monkeypox virus ravaging the Democratic Republic of Congo, DRC, the hotbed of the health crisis; and the distressing floods caused by the collapse of the Arba’ at Dam in the east of the Republic of Sudan, destroying or impacting about 70 communities and affecting telecommunication infrastructure and other utilities. These and many emergent humanitarian crises in Africa have been overwhelming enough for a great but challenged continent. Therefore, entrenched terror attacks can only worsen efforts at restoring the glory of the continent.
“As a body of communication managers, APRA iterates its call for increased, sincere and responsible conversation and concrete actions among state actors and other stakeholders in Africa to address these and future challenges, many of which are heralded by warning signs. Therefore, APRA calls on the World Health Organisation (WHO) to resume strengthening collaboration with the government and people of DRC because mpox is yet to be defeated as an existential global health issue.
APRA stands in solidarity with the Governments and people of Burkina Faso, the Democratic Republic of Congo and the Republic of Sudan. We commiserate with those who have lost family members and friends. We also wish those injured and displaced speedy recovery.