Coronavirus: New Phishing Campaigns Exploit the Global Panic

• March 15th, 2020
• 7 Comments
• anti-phishing, Data Privacy, Data Protection, Online Privacy, Online Safety, PC security, remote work, Uncategorized

Unless you’ve been in complete lack of contact with the world, you’ve probably heard of the coronavirus pandemic going around. With widespread travel bans, quarantines, and school and workplace shutdowns, the growing panic can be felt, as people are clearing out supermarket aisles of sanitary goods and take all necessary precautions to not catch the deadly virus.

Taking advantage of this growing panic are cybercriminals. According to Check Point’s research “there have been over 4,000 coronavirus-related domains registered globally. Coronavirus-related domains are 50% more likely to be malicious than other domains registered in the same period, and also higher than recent seasonal themes such as Valentine’s Day.” 

The attackers are sending messages to victims, spreading conspiracy theories about unpublished medicines and treatments, and using names of legitimate health organizations, such as WHO (World Health Organization). This way, attackers try to steal information or distribute links to websites designed to steal identification information.

Here’s an example of a phishing email impersonating the World Health Organization with an attachment that leads to the installation of malware:

In recent months, many fraudulent sites have been identified as seeking to sell face masks, vaccines, and home virus detection kits. One example is a Russian website offering for sale the “best test kit for detecting the Coronavirus for 19,000 rubles (about $300)”.

There is also a malicious app called “Coronavirus” impersonating as an app that allows real-time viewing of the virus spread rate.

Many of these domains and apps will likely be used for phishing attempts. ZoneAlarm Extreme Security has been able to spot and block these malicious websites and apps with its Anti-Phishing and Mobile Security features.  

How can I protect myself?

• Suspect threatening messages like “If you don’t open the file…”, “50 more vaccines left to purchase” or seductive (“Purchase vaccine/mask at 70% off”).

• Check the sender’s name and address carefully – Do not open links or perform actions coming from an unknown sender or from someone whose credibility is questionable.

• Instead of clicking on promotion ads, search your desired retailer and click the link from the browser results page. You can use ZoneAlarm’s Safe Search engine as part of the  Web Secure Free product to ensure the websites you visit are safe.

• Avoid clicking suspicious links in emails or clicking promotional links. Proactively search for your sites and services using your browser.

• Avoid downloading/opening attachments in unfamiliar or suspicious emails – scammers try to entice you with documents that allegedly contain virus protection instructions, but they contain malware.

• Ensure you are ordering goods from an authentic source. One way to do this is NOT to click on promotional links in emails, and instead Google your desired retailer and click the link from the Google results page.

References: Consienta Cyber Awareness and Check Point Software Technologies