COVID-19 has brought cyber criminals a new angle in which to take advantage of people. Building on several scams that were already out there being circulated, there are many faces to these scams: fake charities, online shopping, phishy emails (impersonating legitimate organizations like WHO and CDC), robocalls, romance scams, and those pushed through social media. Learn more and take action here.
If you receive a text message like the one pictured here, DO NOT click the link! It is not a message from any official agency. It is however a gateway for bad actors to find their way into your world.
The FBI's Internet Crime Complaint Center (IC3) is warning users of a new ongoing phishing attack that uses fake government economic stimulus checks as bait to steal personal information from potential victims. Criminal actors are using a variety of means to contact potential victims. In one instance, the criminal actors are using spoofed email addresses posing as U.S. Treasury officials requesting that the victim provide personal identifying information (PII), so that they can receive their share of the stimulus. A redacted example of an attack email is below: Be aware of phishing emails asking you to verify your personal information to receive an economic stimulus check from the government. Government agencies are not sending unsolicited emails seeking your private information in order to send you money.
Bad actors are impersonating the World Health Organization (WHO) and the Center for Disease Control (CDC) emails and using them to send malicious content. Do not be fooled. Visit their respective pages directly: https://www.who.int/emergencies/diseases/novel-coronavirus-2019 and https://www.cdc.gov/coronavirus/2019-ncov/index.html
Attackers are using the pandemic to send out maps of infected areas. These carry malware and infect your device when interacted with. See the above links to WHO and CDC for locations to find this type of information from reputable sources.
We advise caution when receiving unsolicited offers for free software. "Vendors (of a variety of reputations) are spamming distributed IT with “free offers”. We are seeing an increase in emails with all manner of free offers. In most cases, accepting them without any enterprise agreement, DUA, and other contractual instruments that we use to protect privacy, mitigate risk, ensure regulatory compliance (HIPAA, FERPA), and maintain ownership of University data and intellectual property is a liability. There are a lot of vendors right now using the crisis as an opportunity to up-sell universities from free to paid offerings and/or to get our data and monetize it. Don’t take the bait." - via Micronet listserv
For more information on these types of attacks:
- World Health Organization Warns of Coronavirus Phishing Attacks https://www.bleepingcomputer.com/news/security/world-health-organization-warns-of-coronavirus-phishing-attacks/(link is external)
- NCOV ransomware Removal Guide https://www.2-remove-virus.com/ncov-ransomware-removal-2/(link is external)
- FTC Warns of Ongoing Scams Using Coronavirus Bait https://www.bleepingcomputer.com/news/security/ftc-warns-of-ongoing-scams-using-coronavirus-bait/(link is external)
- Health Industry Cybersecurity Practices (HICP): Managing Threats and Protecting Patients publication https://healthsectorcouncil.org/hhs-and-hscc-release-voluntary-cybersecurity-practices-for-the-health-industry/(link is external)
- Hackers Hijack Routers’ DNS to Spread Malicious COVID-19 Apps
- Netwalker Ransomware Infecting Users via Coronavirus Phishing
- Fake “Corona Antivirus” distributes BlackNET remote administration tool
- MalwareHunterTeam identifies Coronavirus themed @Airbnb phishing [TWEET]
- Coronavirus-related digital fraud: 22% of Americans targeted