COVID-19: Think before you click
The increasing number of COVID-19 web attacks and scams that you must know
Cybercriminals often take benefit of trending topics in the news, such as the coronavirus, to try and prey on people who keep a close eye on how the virus is spreading across the globe. Hackers are now sending emails and creating websites designed to deceive people into clicking on malicious links disguised as helpful resources. Hackers prey on people using anxiety and stress ploys to inject malware into computers and steal online banking credentials or credit card numbers.
Several organizations such as the World Health Organization, the Centers for Disease Control and Prevention and Johns Hopkins University have made dashboards to keep track of COVID-19. But now, the attackers are replicating the exact dashboard to manipulate users searching for an accurate and up-to-date report.
Even if you are a tech-savvy person, it becomes tricky to spot the fraudulent web pages. Partly because you are too eager to see the news and not analyzing the minor details like the URL of a web page or image of a map or any instructions. Thus, criminals are exploiting human fear and interest.
Every person should be aware of how these attackers access their confidential data. Two of the recent scams are discussed below.
The Malicious Coronavirus Map
Shai Alfasi, a security researcher at Reason Labs, uncovered that the cybercriminals are using maps to sneak data of users including user names, passwords, credit card numbers, and other sensitive information stored in the browser. Attackers can use this information for trading it on the deep web or for obtaining access to banks or social media accounts.
Reason Labs researcher Shai Alfasi uncovered a malicious program, Corona-Virus-Map.com, that claims to provide a latest coronavirus dashboard map. The website produces a map that looks exactly like the Johns Hopkins University’s visualization. However, the software embeds a malware called Corona.exe, which is a variant of AZORult, a type of spyware that is used for collecting sensitive data from an infected computer. Shai also added the following on AZORult:
“It is used to steal browsing history, cookies, ID/passwords, cryptocurrency and more. It can also download additional malware onto infected machines. AZORult is commonly sold on Russian underground forums for the purpose of collecting sensitive data from an infected computer.”
A new variant of AZORult creates a hidden administrator admin account on your computer to perform remote connections and transmits sensitive information.
We can expect that such malware variant attacks will rise in the future as the COVID-19 continues to spread. However, there would be adequate application technology that can easily track and warn the user.
Phishing Attacks
A phishing attack is a type of social engineering attack that often steals user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. The attackers seem to inflict fear among email recipients, thus, making them more likely to click on the malicious attachment.
Emails frequently use the COVID-19 as a lure in the subject line. Email’s body message claim news about the government’s preventive measures or infection rate numbers or any information regarding the virus. Few emails claim to be from the World Health Organization or the Centers for Disease Control and Prevention. Few recommend a link to coronavirus map of the recipient’s country or an update on how many people have been infected, recovered or died.
The scammers use social media platforms such as Facebook, WhatsApp, and text messaging applications to offer fake COVID-19 products. Private companies claim to sell fake COVID-19 test kits or duct filtering services. The fraudsters disguised as Financial advisers send SMS to people and pressurize them to invest in hot health care industries stocks or offer them financial aid or loans.
It is really difficult to identify between a genuine and a fake phishing email. Once the recipient clicks on the link or downloads a file from the link, then the attacker exploits the victim’s information including user credentials or bank account details or infects the victim’s computer with a virus or malware.
How can we detect and prevent cyberattacks?
Even if you don’t currently have adequate knowledge about securing a computer system, here are a few simple, economical steps you can take to reduce your risk of falling victim to a costly cyber attack:
- Install, use and regularly update antivirus and antispyware software on every computer
- Use a firewall for your Internet connection
- Download and install software updates for your operating systems and applications as they become available
- Secure your Wi-Fi networks. If you have a Wi-Fi network for your workplace make sure it is secure and hidden.
- Check the URL of the website before clicking the link
- Learn about anti-phishing techniques such as not click on the unknown sender or a password reset requests
- Use email filtering services and multifactor authentication
- Regularly change passwords
In addition to these preventive measures, the users should actively report such spam or possible malicious emails to their cybersecurity department on the respective country as well as alert the local community about such activities.
In this unusual situation and hard time of the COVID-19 outbreak, kindly spread the message across to everyone: Take care and stay sane.
Thanks for reading!
You can find links to my other work on Medium and follow me here.
For tips and tricks on working remotely, check out my blog here.
