Unless you’ve been in complete lack of contact with the world, you’ve probably heard of the coronavirus pandemic going around. With widespread travel bans, quarantines, and school and workplace shutdowns, the growing panic can be felt, as people are clearing out supermarket aisles of sanitary goods and take all necessary precautions to not catch the deadly virus.
Taking advantage of this growing panic are cybercriminals. According to Check Point’s research “there have been over 4,000 coronavirus-related domains registered globally. Coronavirus-related domains are 50% more likely to be malicious than other domains registered in the same period, and also higher than recent seasonal themes such as Valentine’s Day.”
The attackers are sending messages to victims, spreading conspiracy theories about unpublished medicines and treatments, and using names of legitimate health organizations, such as WHO (World Health Organization). This way, attackers try to steal information or distribute links to websites designed to steal identification information.
Here’s an example of a phishing email impersonating the World Health Organization with an attachment that leads to the installation of malware:
In recent months, many fraudulent sites have been identified as seeking to sell face masks, vaccines, and home virus detection kits. One example is a Russian website offering for sale the “best test kit for detecting the Coronavirus for 19,000 rubles (about $300)”.
There is also a malicious app called “Coronavirus” impersonating as an app that allows real-time viewing of the virus spread rate.
Many of these domains and apps will likely be used for phishing attempts. ZoneAlarm Extreme Security has been able to spot and block these malicious websites and apps with its Anti-Phishing and Mobile Security features.
How can I protect myself?
References: Consienta Cyber Awareness and Check Point Software Technologies