News Flash


Posted on: January 11, 2022

Cook County Health Dept warns of Covid Omicron Email Phishing Scam

To further enhance our cybersecurity defense, we want to highlight a new cybersecurity threat that everyone needs to be aware of.



Covid Omicron Phishing Email Scam

A sophisticated group of cybercriminals are targeting users via phishing emails claiming that you have been exposed to Covid-19 by a coworker who tested positive with the Omicron variant. These cybercriminals seek to steal valuable information and often have the goal of tricking users into handing over their log-in-credentials.


Key Findings:

The Omicron-themed phishing emails state, “This letter is to inform you that you have been exposed to a coworker who tested positive for OMICRON variant of COVID-19 sometime between (Dates Specified). Please take a look at the details in the attached document.”

If the user opens the Excel document and enables macros, their device will be infected with the Dridex banking Trojan. In a poor attempt at humor, the document will then display a popup showing the COVID-19 Funeral Assistance Helpline number.

What to do:

  • Do not click on any emails that are specifically related to this threat. 
  • Never Provide Confidential Information.
  • Never click an email link or pop-up that asks for personal information.
    • Legitimate companies do NOT ask for this information.
  • Be suspicious, think before you CLICK!


What have we done:

IOC’s (Indicators of compromise) There are currently no indicators of compromise released for this threat.


Threat Awareness:

We will continue to provide ongoing communication to the organization on this threat.  The number one method attackers use to gain access to systems is through users clicking on links embedded in a phishing email. 


For Further Information: 

·    Please contact the HIS Service Desk @ 312-864-4357 

Facebook Twitter Email