Atul Gawande, Surgeon, Writer and researcher, has warned on Twitter, that someone is posing to be Atul Gawande. The imposter is asking scientists for an interview. He continues to warn that the imposter utilizes the signature ‘Atul Gawande, Staff Writer, The New Yorker’. He continues to explain the cyberattack on his Twitter account.
In his tweets, he explains which email address he uses for work, and he continues to explain that one of the scientists actually did respond to the imposter mails.
The victim responded to the email from the imposter. Multiple emails were send back and forth. The imposter also did a phone call with the victim and eventually, the imposter send a (phishing) link, which resulted in the theft and access to the victims computer, phone, apple ID, business and home gmail accounts.
The cybercriminals continued to access the victims Twitter account, and they utilized different social media accounts on which they had obtained access to.
APT ‘Chinus Virus Lab’ Threat actors
Atul Gawande explains on his Twitter account, that the threat actor might be “China virus lab theory” conspiracists targeting scientists who’ve done work with Chinese labs.
How to stay extra vigilant
Time needed: 4 minutes.
In this short guide, I will provide you some steps which can help to improve your (cyber) security layers
If you get an email, and you are in the scientific field, then please verify the email address and the sender via a different method. Ask a collegae which might know that person. If you know that person, give them a call with the contact details you already have. Do not use any information that you see in the email.
- Do not send information
If someone is asking for information, then verify the identity of that person before you send any information. Follow the security policy on how to send information. Ask this information from the security officer or the chief information security officer in your company.
- Suspicious mails
If you are getting suspicious mails, then the chance is high that the person next to you are getting similar mails. Inform them, and stay vigilant together.
- Scanning files
If you really have to open a file from a suspicious mail, then make sure that you scan that file with your local anti-virus solution. If you are in the scientific research field, then I advice you not to scan your files on VirusTotal. Always use a local anti-virus solution which is up to date.