Fake Terror Alert Emails Used by Hackers in Canada, Middle East

Breaking News Emails

Get breaking news alerts and special reports. The news and stories that matter, delivered weekday mornings.
By Keith Wagstaff

With terrorism dominating the news, hackers are trying to exploit the fears of people in the Middle East and Canada by posing as Dubai law enforcement to spread malware.

Warning of terror attacks, emails sent by the hackers promise tips on how to stay safe. They include two attachments, one a harmless PDF file and the other a remote access Trojan (RAT), a tool often used to infect a computer and steal sensitive information.

They are being sent from email addresses spoofing those of a United Arab Emirates law enforcement agency, often the Dubai Police Force, according to a recent report from Symantec.

So far, the targets have mostly been companies and individuals in the Middle East and Canada connected to the energy, defense and finance industries, among entities. The hackers, according to Symantec, are "expanding their reach and we may see new email models targeting additional countries."

Read More: Iran-Based Hackers Created Network of Fake LinkedIn Profiles, Report Says

The emails are made somewhat believable by including the target's name in the subject line and the faked signature of a real top Dubai law enforcement official.

"With recent events such as those witnessed in Paris and Beirut just last week, terrorist attacks have become a threat across the world, and terror groups have been known to make their presence felt online too," Lionel Payet, a threat intelligence officer at Symantec Security Response, wrote on the company's blog. "We may yet see more of these kinds of social engineering tactics preying on real-world fears."

Read More: Hackers Hit Banks for $1 Billion, Security Company Says