Cybercriminals Using Coronavirus to Carry Out Phishing Attacks
According to the World Health Organization (WHO), cybercriminals are disguising themselves as WHO to steal money or sensitive information.
WHO is aware of suspicious email messages attempting to take advantage of the 2019 novel coronavirus emergency, says the organization. These “phishing” emails appear to be from WHO, and will ask users to:
- give sensitive information, such as usernames or passwords
- click a malicious link
- open a malicious attachment.
Using this method, criminals can install malware or steal sensitive information, warns the organization. WHO says the following tips can prevent a phishing attack:
- Verify the sender by checking their email address. Make sure the sender has an email address such as ‘email@example.com’. If there is anything other than ‘who.int’ after the ‘@’ symbol, this sender is not from WHO. WHO does not send email from addresses ending in ‘@who.com’, ‘@who.org’ or ‘@who-safety.org’, for example.
- Check the link before you click. Make sure the link starts with ‘https://www.who.int’. Better still, navigate to the WHO website directly, by typing ‘https://www.who.int’ into your browser.
- Be careful when providing personal information. Always consider why someone wants your information and if it is appropriate. There is no reason someone would need your username & password to access public information.
- Do not rush or feel under pressure. Cybercriminals use emergencies such as 2019-nCoV to get people to make decisions quickly. Always take time to think about a request for your personal information, and whether the request is appropriate.
- If you gave sensitive information, don’t panic. If you believe you have given data such as your username or passwords to cybercriminals, immediately change your credentials on each site where you have used them.
- If you see a scam, report it. If you see a scam, tell WHO about it.
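The first two tips can be automated for mail triage. The sketch below is an added example, not code from WHO or from the experts quoted here; the function names and the sample messages are constructed for illustration. It compares the parsed sender domain and the parsed link host, because a plain "starts with" test on the text would accept a link whose real host merely begins with the WHO name.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

WHO_MAIL_DOMAIN = "who.int"      # from the WHO guidance above
WHO_WEB_HOST = "www.who.int"     # from the WHO guidance above


def sender_is_who(from_header: str) -> bool:
    """True only when the text after the last '@' is exactly who.int."""
    _display_name, address = parseaddr(from_header)  # display name is ignored
    local, at, domain = address.rpartition("@")
    return bool(local and at) and domain.lower().rstrip(".") == WHO_MAIL_DOMAIN


def link_is_who(url: str) -> bool:
    """True only for https links whose host is exactly www.who.int."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname or ""
        has_userinfo = parts.username is not None or parts.password is not None
    except ValueError:               # malformed URL: treat as untrusted
        return False
    # Compare the parsed host, never the leading characters of the string.
    return (parts.scheme == "https" and not has_userinfo
            and host.rstrip(".") == WHO_WEB_HOST)


def check_message(from_header: str, urls: list[str]) -> dict:
    """Run both checks and list every link that fails."""
    bad_links = [u for u in urls if not link_is_who(u)]
    return {"sender_ok": sender_is_who(from_header), "suspicious_links": bad_links}


# Constructed sample messages (not real emails).
SAMPLES = [
    ("WHO Media <media@who.int>", ["https://www.who.int/emergencies"]),
    ("World Health Organization <alerts@who-safety.org>",
     ["https://www.who.int.example.net/login"]),
    ("WHO <info@who.org>",
     ["https://www.who.int@example.net/", "http://www.who.int/"]),
]

if __name__ == "__main__":
    for sender, links in SAMPLES:
        print(sender, "->", check_message(sender, links))
```

A From header can be forged, so a passing sender check is necessary but not sufficient; it should be read together with the receiving mail server's SPF, DKIM and DMARC results.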
Security spoke to a few experts who provided the following commentary and advice:
Chris Hazelton, Director of Security Solutions at Lookout: “This is the continued evolution of how malicious cybersecurity attackers are looking to trick targets into sharing personal, financial, and business information. We are aware of someone who received a smishing message that said ‘First Coronavirus detection in the Back Bay. Click here for updates.’
Any approach that leverages Maslow's hierarchy of needs - particularly need for safety and love of family - will have significant success. These attacks are particularly effective when sent by channels that often trigger immediate responses from recipients - instant communication platforms such as SMS, iMessage, WhatsApp, WeChat, and others.
Coronavirus is an epidemic with global proportions, making it the ideal trigger to drive a global audience to react.”
Lisa Plaggemier, Chief Strategy Officer at MediaPro: “Bad guys will continue to seize on anything click bait-y to get people to click (and install malware on their machines). The coronavirus is just the latest news story which they can leverage. This stat from our recent study is interesting: ‘For instance, one in seven employees believe that - much like the flu passes among people - malware can spread among devices in close physical proximity.’”
How people can protect themselves:
- Keep antivirus and operating system up-to-date
- Don’t click on links in emails – navigate directly to a site instead
- Don’t open attachments from people you don’t know/things you aren’t expecting
Atif Mushtaq, CEO and founder at SlashNext: “Threat actors often go after the human attack surface with phishing attacks. For cybercriminals, going after people and infecting their machines with social engineering tactics is much easier than trying to directly attack a network. Protecting organizations, their employees, partners and customers from social engineering and phishing threats should be a top priority for all enterprises.”