Phishing scams have multiple ways of selecting their victims. Quite often they prey on the victim’s fear by using real and current threats. Other times they jump on the opportunity bandwagon with stories that are highly topical in the news. And every so often one comes along that packs the double punch. Yes, coronavirus (COVID-19) malware has joined the conversation.
What is COVID-19?
I mean...have you been living in a bubble? If you’re asking this question, you probably have. And my advice to you my friend is stay in that bubble.
The current coronavirus is named COVID-19 and is a zoonotic disease that has been declared a global pandemic. It’s a very real threat and one that is being taken very seriously. We’re no health experts here, so we highly recommend that you head over to the World Health Organisation for the latest information.
As we mentioned above, the rising threat of COVID-19 means a surge in people desperate for the most up-to-date information on current events. Which is exactly when phishing scams tend to work best. They thrive on public reaction and right now everyone is reacting to all things coronavirus. Chances are, you probably landed on this very article after opening a coronavirus labelled email. Luckily we’re the good guys — but not everyone is.
Okay, but what’s coronavirus malware?
In a nutshell, it’s a way of using the coronavirus crisis to pretend to offer information or services to the public which are actually filled with malware designed to hurt or steal from people. Here’s a few examples.
Industry targeted emails
Phishing scams targeting the manufacturing, transportation, higher education, and healthcare industries have been discovered promoting COVID-19 cures as well as topical conspiracies. Once the email attachments are opened, malware is able to harvest data and wreak havoc.
World Health Organisation spoofs
Last week a spoofing campaign targeting Italian email addresses was launched. It coincided with the Italian government increasing the quarantine measures within the country and therefore capitalized on the fear of those it targeted. The emails contained a document allegedly containing a list of precautions to take to stop the spread of the virus. Once the document was opened the device was compromised and personal information was harvested.
Remote worker email scams
In line with the global response to the crisis, hackers are doing their best to be reactive in every scenario. Most recently, many companies worldwide have encouraged their employees to work from home. These lists are available online, so the information is available to anyone. Hackers send emails claiming to be from company HR departments asking users to sign into DocuSign or Microsoft Word and then boom — credentials stolen.
As the virus spreads several organizations have produced reactive maps allowing viewers to keep track of the global pandemic. So, of course, hackers want their piece of the pie. The malware is indeed a map showing how coronavirus is spreading but it’s just a front for attackers to generate malicious files and install them on your computer. They are then able to steal info stored in your browser such as passwords and credit card details.
Wash your hands clean of coronavirus scams
So how can you stay safe? The coronavirus outbreak is a constantly evolving situation with events changing everyday. People want information as fast and efficiently as they possibly can — it’s the nature of the world we live in. But there are several reliable and trusted sources which should be your go-to when looking for advice, precautions, and updates. To make it easy on ya here’s a shortlist. We’ve included the top US and UK sources for information but if you're somewhere else then your government website is your best bet.
- World Health Organisation (WHO)
- Centers for Disease Control and Prevention (CDC)
- National Health Service (NHS)
- Department of State
- Foreign & Commonwealth Office (FCO)
As well as making sure you only get your information from reliable sources there are also other things you can do to make sure the information you're seeing is trustworthy.
- Know your sources. Use well known sites with good reputations when it comes to sharing accurate news and verifiable facts.
- Don’t click on links in unknown emails. Even if the email seems legit, check it and check it again. Does the email address match the sender's name? Are there any typos in the address, no matter how small? Is the layout slightly off? Are sentences structured strangely?
- Same goes for attachments. Make sure you check the email is absolutely from someone you know before downloading any attachments and even then double check.
- With websites, check the link for strange typos to make sure they are safe, added numbers, or anything that doesn't seem right. It might be different to the website you meant to go to, indicating it's fraudulent.
- Think about how it’s been shared. Facebook posts can be written, doctored and distributed by anyone. Remember, multiple likes and shares does not mean the information is factual. The same goes for What’s App chains and Tweets.
Stopping the spread of coronavirus misinformation
Preventing the spread of fake news is an ongoing battle in the world we live in today, and it’s a tough war. Currently there is so much inaccurate information being spread about the coronavirus that the WHO have stated they were facing an “infodemic” in their attempt to curb the misinformation.
Google, Facebook, and Twitter have said they are working hard to remove coronavirus misinformation as soon as they know about it, and are working with the WHO and government agencies to make sure the correct information is given to the public.
In the UK official NHS guidance is now displayed at the top of internet search results in a bid to ensure people are able to access the correct information when they go looking for it.
We hope this article enables you to find the correct information about the virus as well as avoid scams and threats designed to target you and your data during this crisis. From all of us here at AVG stay safe online and healthy offline.