Lithuania Warns of Malicious Health Alerts Targeting Schools
The National Public Health Center (NVSC) under the Ministry of Health in Lithuania has issued an urgent warning following a targeted disinformation campaign. On May 13, educational institutions across the capital city of Vilnius were hit by a wave of forged emails designed to look like official government health advisories. These communications falsely claimed a significant surge in hantavirus infections, an alert meant to trigger immediate concern among school administrators and parents.
Health officials have confirmed that the NVSC did not author or distribute any such warnings. The emails, some of which were curiously dated for the year 2026, are entirely fraudulent. While the primary targets identified so far are schools within Vilnius, authorities are currently investigating whether other public sector entities or educational centers across Lithuania have been compromised by the same campaign.
Identifying the Forged Communication
The NVSC has highlighted several critical red flags that distinguish these malicious emails from legitimate government correspondence. Firstly, the messages originated from non-institutional email addresses that did not use the official NVSC domain. Furthermore, the structure of the letters was inconsistent with standard bureaucratic protocols, and the recipients were addressed in an imprecise or unusual manner.
Perhaps most dangerously, the emails contained an attached PDF document. Cybersecurity experts warn that such attachments often serve as vehicles for malware or spyware, designed to infiltrate school networks once opened. The attackers also included a high-pressure demand for the schools to immediately publish the false information on their public-facing websites, an attempt to use the credibility of educational institutions to spread panic further.
The Risk of Health-Based Disinformation
This incident highlights a growing trend in cyber-warfare and social engineering: the weaponization of public health concerns. By choosing hantavirus—a serious viral disease typically spread by rodents that can lead to severe respiratory or renal issues—the attackers aimed to exploit a sensitive topic. Targeting schools specifically ensures that the disinformation reaches a highly reactive audience of parents and educators, where the potential for rapid, unverified sharing is high.
Currently, there are no indications of an increased hantavirus threat in Lithuania. The NVSC emphasizes that the public health situation remains stable and that the risk to the general population is very low. The agency has urged institutions not to take any practical actions based on the forged letter, as doing so would only validate the disinformation and potentially cause unnecessary disruption to the educational process.
Immediate Safety Protocols for Institutions
In response to the breach, the NVSC and law enforcement agencies have outlined a series of mandatory steps for any organization that receives suspicious health-related correspondence. Institutions are strictly advised not to open any attachments or click on links within these emails. If a school has already inadvertently published the false information on its website or internal channels, they are instructed to issue an immediate public denial and clarification.
All instances of these forged communications must be reported to both the NVSC and the police. Lithuanian authorities are now working with cybersecurity specialists to trace the origin of the emails and assess the extent of the disinformation campaign. This incident serves as a stark reminder for public sectors across Europe to maintain rigorous verification processes for all digital communications, especially those concerning public safety and health emergencies.
Source: BNS
