Watch out for bogus death and funeral announcements.
Victims that click can infect their systems with malware.
Criminals have been active with a phishing scam recently. Their goal is to trick you into clicking a link.
This picture shows one that I recently received. It looked suspicious so I hovered over the link to see where it would take me. The figure shows this has a domain name of .de which is in Germany. I don’t live in Germany, and Eubank Funeral home certainly doesn’t look like a German name.
The Eubank Funeral home is warning people of this threat and asking people to stop reporting it to them.
A little research shows this is a current active attack. They typically take you to a compromised server, which attempts a drive-by download of malware. This one attempts to download a Trojan horse, which joins the infected computer to a botnet. The infected computer becomes a zombie doing the bidding of criminals controlling the botnet.
It is a well-crafted email offering “deepest prayers of condolence” and an invitation join the service at a specific date and time. Similar phishing emails impersonate different funeral homes and even use the same colors and copyright statements from the actual funeral home. If you don’t understand the threats, it’s easy to be tricked.
This is another reason why organizations value people with basic security knowledge. Knowledgeable employees understand that criminals send malicious emails and they should be suspicious of anything prompting them to click.
A good rule of thumb with email links is to be suspicious. Criminals are vigilant in their goal to trick you and infect your computer. If you treat all links with suspicion, you are less likely to be fooled.