COVID-19 global spread put all of us in some panic and frustrations, we all are more curious to know what is happening around and everywhere. To take advantage of this fear factor, hackers started to circulating coronavirus scam laden fake emails with dashboards purports to show maps tracking the spread of coronavirus but that may infect your computer with malware when opened.
Coronavirus Reliable Information Sources
People have flocked to COVID-19 dashboards maintained by media and health authorities that help track the spread of the virus as the number of confirmed cases surges past 2,952 in the US. Maps published by WHO, Johns Hopkins University or The New York Times are examples of reliable, non-malicious trackers.
The NewsGuard subscription service recently launched a Coronavirus Misinformation Tracking Center that lists websites reporting misleading and outright false information about the SARS-CoV-2 virus andrespiratory illness.
Facebook has decided to provide the World Health Organization (WHO) with free ad space on its social media platform in an effort to help its users by keeping them away from coronavirus scam info sites and to stay better informed about the recent coronavirus outbreak.
What Is Coronavirus Scam?
The hackers are spreading malicious coronavirus scam sites disguised as reliable COVID-19 maps, according to findings from cybersecurity firm Reason Labs, first reported by TechRadar. The tactic starts with hackers circulating links to malicious websites disguised as COVID-19 maps, either on social media or through misleading emails. When people open the sites, they’re directed to open an applet that can infect their device with AZORult, a years-old malware that steals data like login credentials and banking info.
This technique is pretty common, Reason Labs researcher Shai Alfasi wrote in a blog post. We will likely be seeing an increase in corona malware and corona malware variants well into the foreseeable future. To avoid the malware, people are advised to stick to verified COVID-19 tracking maps and to double-check the URL of a linked website before clicking. It’s one of many ways that hackers are capitalizing on fears surrounding the outbreak. Security researchers have warned of a rise in phishing scams in which hackers pose as health authorities offering information about COVID-19 in order to trick people to hand over their login credentials.
Unlike legitimate coronavirus dashboards, these fake websites prompt users to download an application to help them stay updated on the situation. This application doesn’t even need to be installed to infect a user’s computer with malware. As of now, the malware only affects Windows devices but Alfasi expects that hackers will find a way to develop a new version that can infect other operating systems as well.
Coronavirus Fake emails
Coronavirus-themed phishing email—a spoof on missives from the Centers for Disease Control and Prevention—in early February. A month later, a half-dozen versions of the email were circulating. All directed recipients to fake forms or a website designed to steal log-in credentials.
Cybercriminals have since crafted emails that appear to be from company HR departments. Like the CDC phishing emails, those also prompt the receiver to reveal log-in credentials.
For cybercriminals, captured log-ins and passwords are valuable, because they can be used to commit financial fraud or impersonate a legitimate user and access corporate computer networks.
Access to a consumer email address may be enough to reset key passwords for banking and other financial accounts.
Not all the emails seek credentials, though. Some distribute malware. In one version, discovered by KnowBe4 researchers, the author asks for help finding a “cure” for coronavirus, urging people to download software onto their computers to assist in the effort.
The download contains a virus capable of monitoring all activity on the device. And if that computer is logged into a business network, an attacker could, potentially, move throughout the system sweeping up information.
For many cybercriminals, gaining access to corporate computer systems is the chief goal. But, Howes says, consumer devices are enticing, too, noting that people have been keeping more of their most private information on personal computers these days, and cybercriminals are adept at monetizing that.
Fake coronavirus maps
A security researcher at Reason Labs, Shai Alfasi has discovered that hackers are now creating fake versions of these dashboards to steal information including user names, passwords, credit card numbers and other data stored in users’ browsers. In a blog post detailing his findings, Alfasi explained that these fake Covid-19 maps are using malicious software called AZORult to infect users’ machines, saying:
“The new malware activates a strain of malicious software known as AZORult. AZORult is an information stealer and was first discovered in 2016. It is used to steal browsing history, cookies, ID/passwords, cryptocurrency and more. It can also download additional malware onto infected machines. AZORult is commonly sold on Russian underground forums for the purpose of collecting sensitive data from an infected computer.”
Identifying these fake websites is easy enough as they often have a URL or details that are different from legitimate coronavirus dashboards.
To avoid falling victim to this latest Covid-19 scam, it is recommended that users only check verified dashboards such as the one from John Hopkins University for information regarding the virus.
Malicious Coronavirus Websites
As per a security research firm Recorded Future, there are a couple of fake, that identified as coronavirus scam websites (around 14 of them) that are being registered. The websites aren’t a source of providing relief but misinformation on Covid-19 and we must avoid referring to them and using them. Here are the 14 websites you must avoid using.
The list also involves malicious coronavirus websites as well that can cause hackers to hack users on the pretext of Coronavirus. Another report by Recorded Future suggests that a number of malicious activities have been taking place as cybercriminals are encashing on the Coronavirus outbreak.
To remain safe from this, you should ensure that you only look for Coronavirus-related information via official and reliable sources only and not fall for such traps.
How to Avoid Getting Scammed From Covid-19 emails
Here are some additional tips from digital security experts.
Think before you click. Howes says the best thing consumers can do to protect themselves is just slow down. If something doesn’t seem right about an email, just delete it—ideally before you open it. You’re better off not taking the risk.
Examine the link. Before you click on a link, try hovering your mouse over it. This will reveal the full address, which can expose signs of fraud. A “.ru” on the end, for example, means the site was created in Russia; “.br” means Brazil.
Misspellings in URLs are another good tip-off to a fake website. If the URL says corronaviruss.com, it’s best to avoid it. And if you get an email advertising a great deal on masks or hand sanitizer at a major retailer, open a window in your browser, search for the retailer’s web address, and compare it with the one in your email.
Don’t assume that a website is legitimate just because its URL starts with “https.” Criminals like to use encryption, too.
Don’t open attachments. They may contain malware. And you should never type confidential information into a form attached to an email. The sender can potentially track the info you enter.
Guard your financial information. Be wary of emails asking for account numbers, credit card numbers, wire transfers, and failed transactions. There’s no reason to share such info via message or an unsecured site.
Turn on auto-updates. This goes for your computer, smartphone, and tablets. Up-to-date antivirus software goes a long way toward stopping malware.
Use security tools. Install an antivirus program on your device, and keep it up to date. You can also use a website reputation rating tool, which comes in the form of a browser plugin, to warn you if you try to go to potentially dangerous websites. Cybersecurity companies such as McAfee, Kaspersky, and Norton offer them. But keep in mind that these tools aren’t foolproof.
Stay alerted and Stay safe!