Via JoongAng Daily: Fraudsters exploit MERS through SMS, emails.
Fraudsters are trying to capitalize on the Korean public’s fear of Middle East respiratory syndrome (MERS) by sending out fraudulent text messages and emails allegedly from health authorities but containing malicious code.
The Ministry of Health and Welfare also warned Sunday of fraudulent text messages and emails that ask for resident registration numbers and banking information for the reason that they are necessary to claim government subsidies for MERS tests or treatment.
Last Wednesday, the government announced subsidies of up to 1.1 million won ($986.8) to households that have any breadwinners who are quarantined or hospitalized due to MERS or suspected symptoms of the disease.
No cases of actual financial damages have been reported so far, said the Health Ministry.
“Community health centers have never contacted individuals regarding subsidies,” said Kwon Deok-cheol, director of the medical policy team at the Health Ministry, at a press briefing Sunday. “The health authority makes individual contacts only with people that need to be controlled like MERS patients or those who are under quarantine after contact with MERS patients. Those calls are made only through the official call centers.”
The Health Ministry said it and the state-run Korea Internet Security Agency (KISA) first detected some text messages with URL addresses and emails with attached files on Friday. They automatically installed malicious apps in users’ smartphones to steal their financial information and phone numbers.
This is a form of hacking called “smishing,” a combination of the words SMS and phishing, through which hackers try to steal financial or contact information saved on smartphones.
Some emails had files attached that were allegedly information about MERS. When clicked on, malicious programs are installed to enable hackers to remotely control personal computers.
As soon as the attempts were detected, KISA shared the codes with online payment service providers, telecoms and digital vaccine makers.
“Last year, attackers used the theme of the Ebola virus as bait to spread malware,” global cyber security company Symantec said on Thursday.
“Smartphone and computer users should be careful when clicking on unknown links sent via text messages or email,” KISA said.