Email malware scam offers “secret” information on Trump’s health as bait

ByCraig Haley

The latest email malware campaign hitting inboxes purports to offer “top secret” information into US President Donald Trump’s COVID condition.

On October 2nd 2020, President Trump announced that he tested positive for COVID-19 hours after one of his aides Hope Hicks had also tested positive. And as with many breaking news stories, it is one that cyber crooks have been seeking to take advantage of.

Email malware scams of this ilk will either try and trick a recipient into opening a malicious email attachment or clicking on a link that leads to a malicious webpage. In this instance it appears to be the latter, as recipients are urged to click a link to a ”word document” apparently containing this top secret information about the president’s condition.

Possible subjects of the scam emails can be “Recent materials pertaining to the president’s illness” and “Newest information about the president’s condition“.


Sponsored Content. Continued below...




That link leads to a Google Docs webpage, which asks a visitor to download the document by clicking another link. And visitors may be willing to do so since they are on a Google domain, and the text on the webpage claims the file has been scanned and deemed safe.

However, what visitors may not know is that cyber crooks can write any message they want on the Google Docs page, and links on the page will not necessarily lead to safe downloads.

In this case, security researchers have noted that the link leads to the download of a dangerous strain of malware called BazarLoader, which can give crooks access to an infected computer that can lead to other malware attacks, including ransomware. Additionally, an infected computer can compromise the entire network that it is a part of.

– Don’t click on links or open attachments on unexpected emails promising secret or unseen information, as this is a classic social engineering trick used by cyber crooks.

– Remember that just because files or links appear on legitimate domains like Google Docs, it doesn’t mean the files or links themselves will be legitimate. Anybody can write text and include links on the Google Docs platform – even scammers.

– Always ensure you have reliable security software installed that can spot such an attack before it’s too late.

Keep up-to-date with all the latest cybersecurity threats and our tips to stay safe online. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)