Author: Yacine Merdjemak
During these hard times, several “heroes without capes” are working exhausting hours, risking their lives to counteract the spread of the coronavirus. Many Samaritans are eager to help despite social distancing guidelines, while others rush to donate blood or attend to an elderly neighbor. Unfortunately, this pandemic offers fertile ground to cyber predators who seize upon the concerns and fears of the population and use them as bait to unleash their most vicious cyber-attacks on the most vulnerable communities worldwide.
While corporations, banks, and other government agencies send COVID-19 updates and other guidelines to their customers and employees, online visitors, eager for pertinent information to protect themselves and their families, rush to interact with and respond to scam campaigns, thus becoming easy targets. The Cybersecurity and Infrastructure Agency (CISA) recently released alerts on threat actors utilizing COVID-19 related scams. Like the virus itself, COVID-19-themed scams have grown exponentially to represent a significant portion of global spam traffic. Despite cyber criminals’ creative dark side, the list of attack vectors is not innovative or COVID-19 specific. It is, however, extensive and includes, but is not limited to, the following vectors:
Cyber actors send phishing emails to serve malware and landing pages luring victims into giving away sensitive information or donating to outright charity scams. Fake CDC or WHO emails, links to COVID-19 maps, and emails saying that an event you attended may have had COVID-19 exposure are among the many lures used on unsuspecting victims.
Vulnerable victims may face more forceful attacks such as COVID-19-themed social engineering attacks, ransomware strains, and other extortion, intimidation, and authority scams, some of which even demand that victims pay a lot of money in return for being spared coronavirus contamination! A recent ransomware scheme included a fake Android COVID-19 tracker app which locks the victim’s phone and demands money to unlock it!
Nefarious misinformation campaigns, including multiple dark web sites, claim to sell COVID-19 supplies such as masks, emergency cleaning supplies, and even counterfeit cures or vaccines in return for bitcoin but fail to deliver to their victims.
Domain name squatting using keywords such as “coronavirus” and “COVID-19” has skyrocketed in recent weeks and reminds us that we need to be extra cautious when interacting with pandemic-related websites.
While we observe confinement and handwashing guidelines, teleworking from outside protected corporate IT environments certainly presents new dangers. Considering the above threats, it has become imperative to remain vigilant and to remind ourselves of best practices in applying proper cyber hygiene:
Scrupulously identify suspicious links, especially those about COVID-19 and links to documents and attachments from senders you don’t recognize.
Beware of fraudulent charities and do not respond to solicitations to provide personal or financial information.
Refer to legitimate sources for up-to-date information regarding COVID-19, verify website addresses, or better, type them manually.
Make sure your home Wi-Fi is protected with a strong password, your computer firewall and antivirus software are enabled, and understand the risks of using public Wi-Fi networks.
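The advice above to verify website addresses, and the keyword-based domain squatting described earlier, can be turned into a simple triage check for links found in reported emails. This Python code is an added example, not the author's or CISA's; the keyword list, the trusted-domain list (CDC and WHO, the sources named in the article) and every sample URL are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumed, locally maintained lists (not from the article's sources).
KEYWORDS = ("coronavirus", "covid")   # "covid" also matches covid-19 / covid19
TRUSTED = ("cdc.gov", "who.int")      # domains of the agencies named above


def hostname_of(url):
    """Return the ASCII (punycode) hostname a browser would actually contact."""
    try:
        host = urlsplit(url if "//" in url else "//" + url).hostname or ""
    except ValueError:                 # malformed netloc, e.g. bad brackets
        return ""
    host = host.rstrip(".")
    try:
        return host.encode("idna").decode("ascii").lower()
    except UnicodeError:               # label not encodable: keep raw form
        return host.lower()


def reasons(url):
    """List why a non-trusted link deserves a closer look (may be empty)."""
    host = hostname_of(url)
    found = []
    if any(k in host for k in KEYWORDS):
        found.append("pandemic keyword in hostname")
    if any(d in host or d.replace(".", "-") in host for d in TRUSTED):
        found.append("trusted name embedded in another domain")
    if "xn--" in host:
        found.append("internationalized (punycode) label")
    if "@" in urlsplit(url).netloc:
        found.append("userinfo before '@' hides the real host")
    return found


def triage(url):
    """Classify a link as 'trusted', 'suspicious' or 'unknown'."""
    host = hostname_of(url)
    if host and any(host == d or host.endswith("." + d) for d in TRUSTED):
        return "trusted"
    return "suspicious" if reasons(url) else "unknown"


if __name__ == "__main__":
    for sample in ("https://www.cdc.gov/coronavirus/",            # constructed
                   "https://cdc.gov@covid-relief.example/donate",  # constructed
                   "http://who.int.health-alerts.example/map"):    # constructed
        print(triage(sample), hostname_of(sample), reasons(sample))
```

A "suspicious" verdict only means the link needs manual verification; "unknown" is not a statement that the site is safe.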
About the author: Yacine Merdjemak is a senior software engineer at government contractor VariQ and an adjunct computer science faculty member at Saint-Xavier University. Throughout his professional career, Yacine has led major software projects for the government, for scientific research, and for the private sector. He is passionate about cybersecurity and its intersection with quantum information sciences. Yacine joined CSNP as an outreach lead to support its mission of promoting online safety awareness and education.