Cybercriminals regularly seize on popular news stories to take advantage of public fears. Case in point: the COVID-19 coronavirus outbreak. As reported cases and death tolls rise worldwide, malicious actors are using the pandemic to entice people to click on links, open attachments, and generally forget their security best practices and information awareness training.
Here are four common cyber threats to watch out for, and potential ways to keep your employees, data, and organization safe during the COVID-19 pandemic.
1. Misleading “health and safety” emails
In the most common COVID-19 cyber threat, emails promise valuable information, but instead deliver dangerous malware for cyberespionage, ransomware installation, and credential theft. Examples include:
- through a fake statement about coronavirus in Hong Kong, which referenced “Dr. Chuang Shuk-kwan, Head of the Communicable Disease Branch” to add an appearance of legitimacy
- A remote access through a PDF of coronavirus safety measures
- Information-stealing through a coronavirus-themed email campaign about the shipping industry
- A virus through a coronavirus-themed
- A malware bot through an email titled “,” that looks like it’s from the Chinese Ministry of Health
- “Coronavirus” ransomware that used a fake version of the site for Windows system utilities
Many examples of coronavirus social engineering so far have masqueraded as public health or official government announcements. However, as the virus spreads to the United States, some actors may adjust their tactics to pose as other prominent public officials, including politicians and local health authorities.
2. Dangerous websites and maps
Not all websites with COVID-19 in their URL are legitimate or safe. In late February 2020, reported 3% of all COVID-19-themed domains to be malicious and another 5% as suspicious, out of a sample of more than 4,000 domains.
As people search for information about the virus’ geographic spread, cybercriminals are also using online maps and selling coronavirus-themed malware loaders. In a well-publicized case, spoofed versions of Johns Hopkins University’s COVID-19 tracking map distributed information-stealing malware.
3. Phishing scams
Pretending to offer infection-prevention measures, information about new cases, and general COVID-19 “awareness,” phishing campaigns target Microsoft Outlook and Office365, and credit card data.
Scammers promise you can:
- Donate , water, and medical care, sometimes with a QR code for “donating” bitcoins
- Access non-public that “is not being told to you by your government”
- hand sanitizers, vitamins, supplements, and other supplies to fight infection
- a COVID-19 vaccine, payable by bitcoin through a fake PayPal page [Note: There is currently no to prevent coronavirus disease.]
4. State-sponsored campaigns
Nation-state actors are suspected to be actively using coronavirus themes in malware campaigns. While data remains relatively limited and it’s unclear how frequent this activity is, it seems clear that government-backed actors are utilizing mentions of the coronavirus to social engineer victims.
At the moment, state-sponsored campaigns appear to be geared predominantly toward cyberespionage. However, other types of campaigns, such as those targeting intellectual property, may be possible.