Protect Yourself Online from COVID-19 and Coronavirus-related Scams By Allison Kaminsky, Deputy Executive Director, Texas Rural Water Association
C
ybercriminals are opportunists who are always adjusting their tactics to take advantage of individuals and organizations, and the COVID-19/Coronavirus pandemic is no exception. These criminals are exploiting the widespread desire for information, concern and fear surrounding the virus and a high-stress situation to attack their victims when they are most vulnerable. In a recent statement, the United States Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the United Kingdom’s National Cyber Security Centre, announced that they are seeing a growing use of COVID-19 related themes by cyber attackers. These criminals are using COVID-19 or coronavirus-themed scams to target individuals, small and medium businesses and even large organizations. Phishing is a very common online tactic in which bad actors use deceptive emails or websites to either solicit sensitive information or distribute malware to their victims. In the wake of the pandemic, cybercriminals have been using phishing campaigns using the subject of COVID-19 or coronavirus as a lure. Many of these scams create the impression of authenticity by using legitimatelooking logos, official sounding titles and spoofing sender information so it looks like it’s coming from a trustworthy source. Examples of recent observed phishing email subject lines include: • • • •
2020 Coronavirus Updates Coronavirus Updates 2019-nCov: New confirmed cases in your City 2019-nCov: Coronavirus outbreak in your city (Emergency)
These emails often contain a call to action that encourage the victim to either open an attachment, download a file or visit a website that the bad actor then uses to either steal valuable data, such as usernames or passwords, credit card information, and other information, or distribute malware. In some instances, links embedded in the email will take the user to a fraudulent page 16
Quench — 2020 - Issue 2
that is impersonating a trusted site, such as Microsoft or Google, and prompt the user to enter their credentials. Typically, the only way to identify these sites is by closely examining the URL to find discrepancies. Once entered, the site captures your username and password and the cybercriminal can use that information to access your online accounts and further acquire your personal and sensitive information. Though most phishing attempts come by email, phishing can be carried out by other means as well, such as by messaging services, such as text message (SMS) or WhatsApp. These phishing attempts have been observed to have a financial theme associated with the pandemic, where victims readily surrender their contact and banking information to these bad actors under the false premise that they are signing up for government employment or financial support packages. In general, be suspicious of any messaging surrounding government aid packages responding to COVID-19, as this will continue to be a popular theme in phishing campaigns. Phishing campaigns intended to deploy malicious software, or malware, are typically designed to prompt a victim to open an attachment or click on a link to a malicious website to download a file that then compromises the device in use. Malware can be designed to do a range of things and can take on many forms. Common forms of malware include: • •
•
•
Spyware — Malware designed to covertly gather information and perform reconnaissance and report back to the attacker. Ransomware — Malware designed to encrypt your data so that you cannot access it so the attacker can then demand you do something to get it back. Virus – A self-replicating program designed to damage its target computer by attaching itself to a clean file and spreading, infecting files with malicious code. Trojan – Malware that enters your system disguised as a normal, harmless file or program
