Though it is awful to consider, bad actors will be using this pandemic as a business opportunity. Some have already begun to do so. A situation like COVID-19 is the type of event that makes people panic, and when people panic they can get sloppy with their cybersecurity habits. Bad actors are looking to exploit this!
The following are just the start of the coronavirus cybersecurity scams that have been brought to our attention. There will undoubtedly be more, and we will look to keep you updated as news comes in.
There are interactive maps, updated continuously, that show confirmed cases of COVID-19 around the world. One such map, originally created by John Hopkins University, was used in a malicious scam designed to infect computers with Malware. The scam was being packaged as a Java-based program designed to steal passwords once the malware successfully infected a device. The map, which was hosted at www.Corona-Virus-Map[.]com, has since been taken down. More information can be found here.
A real version of this map, for anyone that is curious, is currently being managed through the Florida Department of Health. It can be found here and is updated constantly.
A number of phishing campaigns have been detected by cybersecurity professional around the world. One, aimed at Italian citizens during the country’s quarantine, looked to be an email containing legitimate advice from the World Health Organization (WHO) on handling the virus. The advice was written on a Word document attached to the email, which would immediately install Trickbot software on the user’s device. This particular scam was discovered by researchers at Sophos, who believe that this scam may soon spread to other afflicted countries.
Other similar scams have been detected, but many have a common theme. The attackers want to lend their scams legitimacy. It makes people more likely to click. So, many try to impersonate the World Health Organization. However, this can actually make the scams easier to detect. WHO officials have stated that the organization will never send emails asking people to login to view information, open unexpected attachments or enter financial information to donate directly to causes. In fact, if you receive a suspicious email that looks to be from WHO, report it! The organization has set up a direct link where you can report the attacks.
The usual rules apply here when it comes to cybersecurity awareness. Check the sender address, look for suspicious typos or differences in a sender’s email signature, and go with your gut. If you were not expecting an email, double check with the sender to make sure it is legitimate. The most important thing you can do for your safety and for your company’s safety is keep a level head.
If you’d like to discuss your cybersecurity concerns with a SouthTech professional, head to our Contact page or call us at 855-941-TECH. We are here to help!