Governments’ Coronavirus Financial Relief Targeted by Cybercriminals

“Scammers are leveraging the COVID-19 pandemic to steal your money, your personal information, or both.” FBI Public Service Announcement, March 2020.

As we are all much too aware, the Covid-19 pandemic has caused massive – and very rapid – economic, political, and societal upheaval. While it has forced lay-offs and shut down entire industries from main street to the mall and beyond, one area that hasn’t seen a slowdown is cybercrime. 

Statistics show that since the beginning of the coronavirus pandemic, ‘physical’ crime has decreased, which seems understandable given the ubiquitous lock-downs taking place throughout Europe, North America, and all corners of the globe. But cybercrime, such as phishing, is up, and that’s worrying, especially as it comes at a time when businesses and individuals are under a cloud of financial uncertainty, with huge losses in the world’s stock market, closed businesses, and lost jobs.

With this economy as the backdrop, many of us had a sigh of relief when we learned that various governments have plans to step in with financial aid packages to assist individuals and businesses affected by the virus. Unfortunately, cybercriminals have also jumped at the news, rejoicing that aid money will be moving around the globe from governments, insurance companies, and businesses to individuals and small-business owners; money they hope to get their hands on.

It’s a lot of money.

In fact, we are talking about a heck of a lot of money here, with figures that make the bailouts of the 2008 global financial crisis look like peanuts. How much money? Here are some of the financial aid programs governments are planning to put into place:

As it turns out, these initiatives, while appreciated, might never reach the intended recipients as sending out billions of dollars in checks or direct deposits is not easy. Taking the US relief effort as an example, the Washington Post noted just how much the Trump Administration needs to do as it attempts to roll out a new, secure website for making payments. On this site and others like it, millions of Americans will be asked to enter their banking information, and for some, this could be an open invitation for scammers adept at preying on confusion and vulnerable systems to help themselves to a piece of this very big pie.

Phishing in the time of Covid-19

Over the coming weeks, there is a fair chance that you will receive communications (email, text messages) regarding your finances. These could be claims from employees, mortgage deferrals, adjusted bills, welfare payments, stimulus checks, insurance payments – a whole host of things you don’t usually encounter, and these messages could be putting you at risk. Furthermore, when the government payments start rolling out to billions of people, criminals will increase their efforts to gain access to the money, likely through phishing or the stealing of banking credentials such as passwords. Phishing, a fraudulent activity aimed at securing private and sensitive information, is not a new threat, but in the last several months as Covid-19 has been wreaking havoc to the health and finances of individuals around the world, the Check Point Incident Response Team (CPIRT) has observed an increased level of phishing attacks as cybercriminals look to take advantage of the pandemic.

It’s possible that an email you receive seeking clarification on a payment or bank account is genuine. Yet, there is also a chance that it’s a phishing attack, an attempt designed to capitalize on the confusion created by the coronavirus.

Other threats

While phishing is regarded as the most common method for cybercriminals to take advantage of the coronavirus pandemic, it is by no means the only method. Hospitals have always been a favorite target of ransomware attackers, and we have seen evidence of attacks on hospitals on the front line of treating coronavirus patients. Other threats, including infecting government systems with sophisticated malware, have also been detected.

Should you panic? NO! Should you take precautions? YES.

One important precaution – perhaps now more than ever – is to protect your computer and your data.

Keeping data safe during the Covid-19 pandemic

While the threat of coronavirus cyberattacks is unprecedented, you should be taking steps to protect your finances for an onslaught from hackers ready to take advantage of the confusion surrounding Covid-19 and your government’s financial aid.

As always, the first defense against phishing attacks is the application of common sense. Always be skeptical about unsolicited emails and texts asking for information, and avoid phishing scams specifically with ZoneAlarm Anti-Phishing, a protection feature offered as part of the Web Secure Free Chrome extension. For extra protection, you might also consider ZoneAlarm Extreme Security, which is a complete security solution tackling phishing, ransomware, malware, viruses, and provides safe downloads.  

Additional steps you can take now

•    Treat all emails referencing coronavirus with suspicion, especially if they come from an unknown sender or are encouraging you to act quickly.

•    Be wary of clicking promotional adverts and links from emails. To be on the safe side, you can install ZoneAlarm’s Web Secure Free Chrome extension is which keeps you safe from phishing attempts, dangerous websites in search engine results, and malicious downloads. 

•    Take extra precautions when entering banking details into a website, even if it looks like a legitimate part of your government’s financial assistance scheme. Question everything and take steps to verify it.

•    Update and, if necessary, upgrade your security software on all devices.