Coronavirus Scams: Phishing, fake COVID-19 cures, and more

Home  »  Blog  »  Cyber Security  »  Coronavirus Scams:...

By Bill Minahan   |   March 17, 2020   |   0 Comments

Coronavirus Phishing Scams

Coronavirus scams are popping up over the internet in the wake of the global COVID-19 pandemic. Scammers are taking advantage of the vulnerable and afraid by sending out phishing campaigns designed to steal money or infect devices with ransomware.

coronavirus scams

There is currently a surge of scams in inboxes and on social media platforms from cyber criminals pitching coronavirus health information, fake cures, and other forms of malicious content.

As panic rises and tensions are high, cyber criminals know that potential victims are likely to have their guard down. Hackers are taking advantage of individuals and organizations desperate for online updates on the pandemic.

Here are some things to keep in mind during the pandemic to protect yourself, your data, and your business.

Coronavirus Scams

If you are trying to avoid the surge of coronavirus scams popping up on the internet, then make sure you are aware of the scams and schemes listed below.

Check your sources

  • The federal government has not announced any plans to impose a national quarantine, so be wary of rumors spread on unreliable websites or on social media platforms. Make sure you are getting your information directly from the source. The Center for Disease Control, the World Health Organization, official government websites, or trusted media sources. Furthermore, many spoof domains pretending to be official government domains have popped up in order to gain a sense of authority and trust. However, do not click on any links before first confirming the source. If something seems suspicious, trust your gut and avoid clicking on it.

Avoid fake COVID-19 cures for sale online

  • There are currently no vaccines, lotions, potions, etc. that cure or help you avoid the coronavirus for sale online right now. Scammers have made a significant profit off the sale of bogus coronavirus cure products. The Federal Trade Commission and the U.S. Food and Drug Administration have already sent several warning letters to companies allegedly selling unapproved products that may violate federal law by making deceptive claims about their capacity to cure COVID-19.

Don’t click on unfamiliar or unexpected links

  • Be mindful of phishing emails that disguise themselves as coming from the Center for Disease Control (CDC) or the World Health Organization (WHO). In fact, avoid clicking on links in general that come from unfamiliar sources and have information related to the pandemic. Don’t click on attachments, maps, or enter your data into unfamiliar forms. Methods of avoiding coronavirus scams are similar to methods avoiding most other scams. If you need help identifying phishing links, emails, and other scams, check out how to avoid a phishing attack here.

Fake Coronavirus Tracker Apps and Sites

  • An Android app called COVID-19 tracker is one example of ransomware that masks itself as a real-time coronavirus map, similar to legitimate ones offered by the NYTimes and John Hopkins. If a user downloads and grants access to the app, then the ransomware is enabled and locks a user out of their device and demands they pay $100 to the hackers within 48 hours. If the victim doesn’t pay, the ransomware threatens to delete their phone storage and hack their social media accounts. Last week, cyber security researchers identified several fake COVID-19 tracker maps that infect computers with malware when opened.

How to Avoid Coronavirus Scams

Think before you click

  • The best thing you can do to protect yourself online in the wake of the coronavirus scams is to slow down and think before you click. If an email seems suspicious, or you see other sure signs of phishing such as a sense of urgency or spelling errors, don’t click on it—delete it.

Examine and confirm links

  • Before you click on a link, confirm it’s coming from who it claims to be by hovering your mouse over it. In most cases, it will reveal the full address of the link and potentially expose a link that’s disguised as another. Plus, domain spoofs are popping up that are meant to closely resemble official government websites. If you have a question, go to the website directly and not through an email link. Furthermore, do the same for any attachments related to the coronavirus as it could also be a scam.

Don’t open attachments

  • Attachments can contain ransomware or other strains of malware. Furthermore, you should never type sensitive information into a form attached to an email. The sender could potentially track the information you enter in. If you are suspicious of or were not expecting an attachment from someone, then do not open it because it could potentially infect your device as well as your network.

Use security tools

  • If you access corporate or confidential data on your device, then you should be utilizing security tools. For example, antivirus and web content filtering. These tools are designed to protect you and your data from cybercriminals and scammers. These tools make it less likely that malicious links will end up in your inbox in the first place. If you’re looking for more information on how to secure your network, read more here.

Secure your information from coronavirus scams

As pandemic-related scams continue to pop up over the internet, make sure you remain vigilant. Don’t click on links or attachments from unknown sources or make donations to charities looking for money in your inbox. Get your information from trusted sources such as research institutions or government.

If you have any questions about how to protect your network security in the wake of the coronavirus scams, then our security experts are waiting to help. You can schedule a meeting here.

If you are looking for information on remote working security policies, then read more here.

Finally, you can always find us on Twitter, Facebook, and LinkedIn.