Cybercriminals use hundreds of different methods to snare people into their traps and many of these methods are particularly offensive because of the vulnerable population of people they target. We’ve seen them use content to target parents concerned about the safety of their children, diabetics who are looking for a new treatment or cure for their condition, lonely adults looking for companionship, and people with a deep faith in God who want to make a positive difference in the world, to name just a few.
One of the “staples” that cybercriminals use to target their next victims is information related to health. Recently we saw a spate of these malicious emails. Let’s start with this clickbait disguised as “Health News” that came from the domain signosys[.]info and is about a condition called hypothyroidism, a disease that produces too little of a hormone that is important in regulating your body’s energy production and use. The subject line reads “If you want to overcome Hypothyroidism – Don’t Do This!” The author of this “newsletter” — Mary Swanson — claims to have a natural cure based on scientific research. Anyone dealing with this difficult disease, or with a loved one who is dealing with it, might be tempted to click the links that point back to signosys[.]info. Were they to do that, they would be hit with a malware script before being forwarded on to the very real website called hypothyroidismrevolution[.]com. Look at the screenshots below to see the redirect after hitting signosys[.]info. This malicious website has no web pages to be found and was registered by someone in India in early September.
Similar to this type of clickbait is the recent email below with the subject line “Your Prostate Is The Size Of A Lemon” and was sent from the domain exeganie[.]info. The email claims that “research has recently discovered an incredibly effective way to shrink your prostate.” If you are an older person who frequently feels that need to run to the bathroom, this email might interest you. And that would be a mistake. The domain exeganie[.]info was also registered in India, just hours before this email was sent. That shouldn’t be a surprise to anyone.
In addition to supposed health information, we also often see remarkable stories that seem incredible, or absurd, such as this one… “Uncle Discovers By Accident How to Cure Girl’s Deadly Disease…” Of course, it is total BS but it is likely to trick some people to click through to the domain michenix[.]info where malware awaits before forwarding you to airpurifiersystem[.]online. At least this time, the Zulu URL Risk Analyzer was able to identify that michenix[.]info is malicious! Guess where michenix[.]info was registered? Yes, India and on the day this email was received, November 14, 2019.
To you, our readers, the point is obvious. However, do you have any friends or relatives who are battling health issues and may be more susceptible to this form of trickery? Show them this newsletter and help them understand that there are low-life cybercriminals who target them BECAUSE they have health issues. It’s hard to think how anyone can stoop much lower than this in an effort to make money.