Amid the Coronavirus scare, experts has it this has caused a spike in email scams and one of the worst in recent years. According to these security experts, Cyber-scammers are targeting people and industries which includes transportation companies, manufacturing industry, hospitality, healthcare and even the insurance industry.
It’s made known that these cyber-criminals would create phishing emails which are well written in English, Turkish, French, Italian and Japanese and get them sent over to with the hope of getting people to fall prey to this practices. The BBC has tracked five of these campaigns which are highlighted below.
1. They ask you to “Click here for a cure”
According to a research firm focusing on Cyber-security, Proofpoint discovered a strange email being sent to customers back in February, the content of the email definitely revealed some fishy intentions as the message purported to be from some unknown doctor who has the vaccine that is being used by the Chinese and UK governments but which they would not make public.
According to the Proofpoint, those that clicked on the attached document that accompanied the email were taken to a spoof webpage which was designed to collect tons of details. According to the research firm, over 200,000 emails are being sent at a time.
“We have seen 35-plus consecutive days of malicious coronavirus email campaigns, with many using fear to convince victims to click,” says Sherrod DeGrippo from the company’s threat research and detection team.
Proofpoint says three to four variations are launched each day.
“It’s obvious these campaigns are returning dividends for cyber-criminals,” says Ms DeGrippo.
So to stay clear off this track, the best advise is to not click in haste but to either long press the link (for Android/iOS) to reveal the Hyperlink or Hover on the link address if on a Desktop and if you notice the URL looks fishy, then just don’t bother, delete the message straight-up.
2. They call themselves the “Covid-19 tax refund”
Not a single attempt is being devised by this scammers to defraud people during this time of global health crisis. Researchers at another cyber-security firm, Mimecast also flagged another scam a few weeks ago. On the morning they detected it, they saw more than 200 examples in just a few hours.
This emails were designed to take people to a shady website designed to mimic that of the government through the “Access your funds now” button which will take people to a fake government webpage encouraging them to input all their financial and tax information.
“Do not respond to any electronic communication in relation to monies via email,” says Carl Wearn, head of e-crime at Mimecast. “And certainly do not click on any links in any related message. This is not how HMRC would advise you of a potential tax refund.”
So it’ll be really smart to be skeptical about emails asking you to reveal your personal information especially those information that requires high level of trust and so forth.
3. Pretending to be WHO “Little measure that saves”
The next are hackers who pretends to represent the World Health Organization (WHO) while they attach a document which details how recipients can prevent the spread of the disease.
“This little measure can save you,” they claim. According to Proofpoint, the attachment that accompanies this email doesn’t always have any useful advice but just infect your computer with malicious software called AgentTesla Keylogger.
This records every keystroke and sends it to the attackers, a tactic that allows them to monitor their victims’ every move online.
To stir clear of this, it’ll be better to visit the WHO’s official website yourself and be skeptical of reading email messages from people who claims to be WHO.
4. They also pretend to be CDC “The virus is now airborne”
They send the message with the headline COID-19 now airborne, increased community transmission.
This email is designed to look as though it’s from the Centres for Disease Control and Prevention (CDC) and even uses the organization’s legitimate email addresses but those behind this are using spoofing tools.
According to CoFense, a cyber-defence provider first detected the scam which it describes as being an attempt to weaponize fear and panic which is of course the case.
There is a link that accompanies the email and directs those that clicks on it to a fake Microsoft Login page and then encourages them to login with their email address and password after which they are then redirected to the actual CDC advice page which makes it seem 100% authentic.
The problem here is that the hackers already got the email address which can later be used for whatever they want. Cofense says the combination of a “rather good forgery” and a “high stress situation” make for a potent trap.
Which is why it’s really advisable to enable two-factor authentication so that you’ll need to enter a code texted or provided to you before anyone has access to your email account.
5. They just come direct as “Donate here to help the fight”
The above screenshot shows the example which is being used by these cyber-criminals according to Malware expert company, Kaspersky. According to this report, the hackers request for donation to help develop vaccine and request payments be made to them using the cryptocurrency Bitcoin.
If you think about it, that might be a truly shady way of requesting donation from people over a global health emergency but then they include a really convincing signature.
According to Kaspersky, more than 513 different files with the Coronavirus being the title has been discovered and they all contain malware.
“We expect the numbers to grow, of course, as the real virus continues to spread,” says David Emm, principal security researcher at the firm.
To stay safe, the best thing is to be mindful of the types of email you open especially those that are aggressively prompting you to take action because of the Coronavirus. It will also be a good idea to have your computer security well setup during this period.