Alert: Phishing Email Referencing CDC and Flu Pandemic

CDC security officials have been working with multiple law enforcement agencies to track a campaign of phishing emails claiming to be from the CDC that reference a flu pandemic. The body of the email instructs the user to open an attached Microsoft Office document for details on how to prevent the spread of influenza.

Please note that this email is not legitimate, and is actually from a malicious actor hoping to install malware on victim computers. If opened, the attached document will download and install ransomware called ‘Gandcrab’ on your computer, encrypting both your local files and files on any network file shares you may be connected to. An associated ransom note promises the decryption key in exchange for a Bitcoin payment, but there is no guarantee that the attackers would actually provide that key.

Below is an example of one of the emails:

phishing

Note that this is only an example; the sender may change the From: and Subject lines.

CDC encourages everyone to follow good security practices to help reduce the likelihood of falling victim to this and other phishing attacks:

  • Don’t open unsolicited email from people you don’t know.
  • Hover your mouse over links to see where they lead.
  • Do not click links in email. If you think the address is correct, retype it in a browser window.
  • Be wary of attachments in any email.
  • Do not supply any personal information, especially passwords, to anyone via email.
Page last reviewed: March 22, 2019