Cybercriminals and scam artists are looking to take advantage of the coronavirus pandemic sweeping across the world.
Law enforcement agencies and cybersecurity firms have seen dozens of coronavirus-related scams in recent days, with some cybercriminals trying to sell victims fake medicines and treatments and others stealing victims’ identities through malware or phishing emails.
“With COVID-19 in full swing, malicious actors are viewing this as an opportunity,” said Nathan Little, vice president of digital forensics and incident response at Tetra Defense, a digital forensics lab and incident response firm. “We’ve seen several phishing scams and fraudulent websites pop up touting downloadable informative resources that are actually malicious.”
In some cases, the email phishing campaigns target company employees with fake messages about remote work or emergency contacts, Little said. “The phishing emails may have malicious attachments that pose as informative documents for employees when in reality, they are executing malicious activity in the background.”
Internet users should double-check the source of an email or link before they click on it, recommended Dana Tamir, vice president of market strategy for Silverfort, an identity and access management vendor.
“As a result of the current circumstances, we see an increase of phishing attempts taking advantage of people’s nervousness,” she said.
Cybersecurity experts advised internet users to be especially alert about coronavirus-related emails, texts, and advertisements that make claims about treatments or safety products.
On March 20, the FBI’s Internet Crime Complaint Center issued a warning about several online scams related to the coronavirus. The FBI has seen scams that sent fake emails from the Centers for Disease Control and Prevention or other organizations claiming to offer information on the virus. Links in those emails download malware or ransomware onto victims’ computers.
Also, the FBI has observed several phishing campaigns, including ones asking victims to verify their personal information to receive an economic stimulus check from the government. Government agencies are not sending unsolicited emails seeking private information, the FBI said.
Other phishing emails have posed as charitable campaigns, airline carrier refunds, fake cures and vaccines, and fake testing kits, the FBI said.
The FBI also warned people to be cautious of anyone selling products that claim to prevent, treat, diagnose, or cure the coronavirus.
People should also be alert to counterfeit products being advertised, including sanitizers, respirator masks, and protective gloves, the FBI added.
The FBI warning “shows how quick cyber gangs are at adapting to changing social circumstances and taking advantage of world events in their social engineering campaigns,” said Mounir Hahad, head of Juniper Threat Labs at Juniper Networks.
U.S. residents should expect more online identity-stealing scams related to the U.S. 2020 census, which is mainly conducted online, Hahad added.
People should also be on the alert for scams coming from social media, texts, and phone calls, said Alex Hamerstone, the governance, risk, and compliance practice lead at TrustedSec, a cybersecurity and white hat hacking company.
Some cybercriminals are repurposing sextortion phishing emails to threaten people with the coronavirus instead. The emails are similar to sextortion messages in that they claim to have stolen victims’ passwords and monitored their online activity.
“They then go a step further by threatening to harm you or your family with coronavirus if you don’t pay them thousands of dollars,” Hamerstone added. “This scam is still in the early stages, and while many won’t be taken in by it now, there are several ways criminals are likely to improve upon it in the coming weeks in order to make it more believable.”
Text message phishing, or smishing, is also on the rise, he said. “What makes smishing more of a challenge is that it is harder for the recipient to tell if the message is fake, as there is no separate way to validate the source of the message,” the way there is in email by checking the header, he added.
In some cases, criminals are using these text messages to distribute TinyURLs that lead the victim to a login page for a bank, health insurance account, Social Security, or other accounts that can be used for identity or financial fraud, he said.
Criminal organizations are “doing all they can to cash in” on the coronavirus outbreak, Hamerstone added.