COVID 19 Scams

Posted by in Security+ | 0 comments

New COVID 19 scams seem to be popping up every day. Criminals are willing to take advantage of any crisis, stealing money and identities from the unsuspecting.

Phishing emails are most common, but you should also be aware of how attackers are tricking people with text messages, phone calls, and social media claims.

Beware of COVID 19 Scam

Text Message – You’ve Been Exposed

One of the COVID 19 scam sends you a text message indicating that you have been exposed to someone who tested positive to COVID 19. It includes a malicious link and prompts you to click it.

Don’t click it. It will likely try to install malware on your phone, or get you to reveal information that attackers can use to steal your identity.

COVID 19 scams You have been exposed...

COVID 19 and Contact Tracers

Many localities are using contact tracers to identify people that may have been exposed to an infected person. The idea is that if you can identify everyone exposed to the virus through a person that recently tested positive, you can get them to self-quarantine and limit the spread.

It can also help identify the person that may have passed the virus on to the newly infected person. This person may not have any symptoms and can continue to unknowingly spread the virus.

Contact tracers typically use the telephone when contacting people.

Unfortunately, when you receive the call, it’s difficult to tell if the caller is a legitimate contact tracer or a criminal using vishing techniques. Legitimate contact tracers are limited to what they say due to privacy laws. I suggest two things.

  1. Assume that you have been exposed. Get tested if you can, and self-quarantine for 14 days.
  2. Assume that the caller is a criminal and be wary of any information you provide.

I wish there was a better way to know if the caller is not a criminal, but I don’t know how.

Text Message – Get Your Payment

Another COVID 19 scam is related to the payments being sent out to US citizens. Attackers have been sending text messages that indicate you need to take a short quiz before you can access to your stimulus package.

No, you don’t.

The IRS will either send you the money (via direct deposit or a check) or they won’t. They certainly won’t send you text messages related to your payment.

If you want to check on the status of your check from the IRS related to the stimulus package, go to the IRS site: https://www.irs.gov/coronavirus/get-my-payment. Don’t click a link in a text.

If you don’t want to type the full URL into your browser, use your favorite search engine and search with the phrase:
irs get my payment.

COVID 19 Phishing by APTs

A joint alert (AA20-099A) from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) warned of some specific attacks related to COVID 19. Some of these were from cyber criminal groups and some were from advanced persistent threat (APT) groups.

These attacks continue to morph, but some known attacks and threats are:

  • Phishing – Beware of emails with the subject of coronavirus or COVID-19. Some recent examples are “Coronavirus Update” and “2019-nCov: Coronavirus outbreak in your city (Emergency).” These are added as a lure to get you to open the email.
  • Malware distribution – These phishing emails often include malicious attachments, tricking users into installing ransomware or other malware. They may also contain malicious links. If clicked, it takes the user to a malicious site, which attempts a drive-by download.
  • New domains – Attackers have purchased many new domain names containing words related to coronavirus or COVID-19. They are using these to lure victims.
  • Remote worker attacks – Many employees are working from home. Organizations often had to rapidly deploy remote access solution. Some of these solutions had (or still have) vulnerabilities that allow attackers to take over some user computers and download videos of meetings that are stored in the cloud.

COVID 19 SCAMS and Ransomware

Some scams attempt to install ransomware on your system. As an example, a malicious Android app claims to give you access to a COVID 19 map tracker. Instead, it installs CovidLock ransomware on your Android device, locking up contact and other data until the users pays a ransom.

Defending Against COVID 19 Scams

These criminals use common social engineering methods to entice users.

Why?

Because they continue to work for enough people that criminals keep getting richer. Criminals often take advantage of people’s curiosity and concern, and there’s a lot of both related to the COVID 19 pandemic.

CISA advises people to take the following precautions to avoid becoming a victim of these COVID 19 scams. If you’re an IT professional familiar with cybersecurity, these may be familiar to you. However, you might like to remind people in your sphere of influence of the scams and how to avoid them. After all, these scams continue because enough people are still being tricked.

Feel free to pass this info on to people you know that may be tricked.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide

Subscribe To Our Newsletter

Join our mailing list and get a free excerpt of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide.  This excerpt includes the introduction and Chapter 1. 

You have Successfully Subscribed!

Get Certified Get Ahead is a participant in the Amazon Services LLC Associates Program,
an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com.

Copyright © 2020 Get Certified Get Ahead. All Rights Reserved.