Coronavirus scams in Excel spreadsheets
What is it?
Scammers are sending emails containing Excel spreadsheets that claim to show updated statistics relating to the coronavirus pandemic. They say the information comes from Johns Hopkins University in Baltimore, exploiting the worldwide reputation of the university’s genuine coronavirus-tracking site.
The spreadsheet does contain coronavirus figures, but opening it infects your computer with tools from Netsupport Manager, which allows people to access your computer remotely. Once it’s installed, the hackers can trespass all over your machine.
Some security experts call this type of attack malicious spam – or ‘malspam’. This differentiates it from normal spam which, while annoying, doesn’t try to infect your computer.
How can you stay safe?
First of all, never open a spreadsheet attachment unless you’re convinced of its authenticity. In particular, be wary of subject lines that appear to spread panic or anger. This email scam uses several different subject lines. One (spotted by Microsoft) is: ‘Covid-19: [Month Day] horrible Charts’. It’s unlikely universities or other reputable bodies would use emotive words like ‘horrible’.
Microsoft also said that if you open the spreadsheet you’ll see that the data is actually from the New York Times, not Johns Hopkins (see screenshot) - though by then the damage would have been done.
If you want to regularly check the Johns Hopkins website, type www. snipca.com/34047 into your browser bar then bookmark it. We’re not surprised criminals have used the site to tempt victims. Since launching in the early weeks of the pandemic, it has gained a reputation for reliable and up-to-date information. We first mentioned it in Issue 574 (26 February), and it has become one of our most clicked Snipca URLS of the year.