Cybercriminals Taking Advantage of the COVID-19 Outbreak: Guest Post by Stephanie Nizzari

Government officials and healthcare professionals are working extremely hard to contain the global outbreak of COVID-19, which is defined as "a mild to severe respiratory illness that is caused by a coronavirus." Meanwhile, online criminals are increasingly making efforts to take advantage of the current outbreak and they are adding strain on efforts to contain the virus. 

People worldwide are at risk of malicious emails, attempting to exploit them by sending them spam mail disguised as helpful resources. Criminals know people are scared and seeking information to stay safe. Knowing this, they are using emails that seem as though they have been sent by legitimate companies to get people to share their information.  

In the blog post "COVID-19 Outbreak Prompts Opportunistic Wave of Malicious Email Campaigns," the author provides examples of a COVID-19 themed scam campaigns. This is useful because most of the malicious emails and messages being sent look very legitimate at first glance. The author mentions that hackers are using "a range of tactics in a bid to evade detection, such as using a variety of email templates along with heavy randomization of subject lines, “From” addresses, IP addresses, and URL domains."

Here is an example of a COVID-19 themed scam email the author provided:

Companies like Forbes have recognized this harmful trend and, in response, have put out warnings on their website about cyberthreats. In the article "Coronavirus Scam Alert: Watch Out For These Risky COVID-19 Websites And Emails," they called out the following domains as potentially dangerous:
  • coronavirusstatus[.]space
  • coronavirus-map[.]com
  • blogcoronacl.canalcero[.]digital
  • coronavirus[.]zone
  • coronavirus-realtime[.]com
  • coronavirus[.]app
  • bgvfr.coronavirusaware[.]xyz
  • coronavirusaware[.]xyz

Additionally, the Forbes author includes research that "shows crooks and snoops have been rapidly registering vast numbers of potentially-malicious websites and sending out masses of scam emails as they try to make money from the pandemic."

Media outlets are also educating viewers on malicious emails. NBC News put out the story "Coronavirus scammers are seeking to profit off the deadly virus," the reporter's example to their viewers that "Criminal hackers, scammers, and even governments have been sending fake coronavirus-themed emails designed to trick people into opening attachments that download malicious software, allowing access to their data, experts told NBC News.”

How to Recognize and Stay Protected from Scams:
Cybercriminal activity during this global pandemic can result in financial damage and the promotion of false and potentially dangerous guidelines for people to follow. Knowing the facts about how to recognize malicious emails, can help protect you from falling victim to scams. Here are some ways to recognize scams:
Þ   Unknown email addresses
o   This one is easy, don’t open the email if you do not recognize the sender.
Þ   If they ask for personal information
o   Legitimate business will never ask you for information such as your social security or credit card number via email.
Þ   Spelling mistake
o   This is one of the best and easiest ways to spot a scam. Legitimate companies send out well written contact. If the email contains spelling mistakes it may be a hacker.
Þ   Install anti-virus software
o   Anti-virus software can detect spam emails as they come in and flags them as spam.

No comments: