Coronavirus spoofers are sending fake emails that appear to come from the World Health Organisation, among others. Vox explains how they’re doing it. Via Vox:
This is just one of many fake emails that have spoofed the WHO’s domain name during the coronavirus pandemic. Some are addressed from Tedros Adhanom Ghebreyesus, the director-general of the WHO, and carry attachments that can install malware on the victim’s device. Others announce a coronavirus cure that you can read all about in the attachment. They each appear to be sent from a who.int email address.
If it seems like it shouldn’t be this easy to impersonate a leading global health institution, you’re right. As we outline in the video at the top of this post, there is a way for organizations and companies to prevent spoofing of their domain, but the WHO hasn’t done it.
“One of the things that a lot of NGOs and nonprofits don’t necessarily understand is that email is a very open protocol by design,” said Ryan Kalember, who leads cybersecurity strategy at Proofpoint.