New COVID 19 scams seem to be popping up every day. Criminals are willing to take advantage of any crisis, stealing money and identities from the unsuspecting.
Phishing emails are most common, but you should also be aware of how attackers are tricking people with text messages, phone calls, and social media claims.
Text Message – You’ve Been Exposed
One COVID 19 scam sends you a text message indicating that you have been exposed to someone who tested positive for COVID 19. It includes a malicious link and prompts you to click it.
Don’t click it. It will likely try to install malware on your phone, or get you to reveal information that attackers can use to steal your identity.
COVID 19 and Contact Tracers
Many localities are using contact tracers to identify people that may have been exposed to an infected person. The idea is that if you can identify everyone exposed to the virus through a person that recently tested positive, you can get them to self-quarantine and limit the spread.
It can also help identify the person that may have passed the virus on to the newly infected person. This person may not have any symptoms and can continue to unknowingly spread the virus.
Contact tracers typically use the telephone when contacting people.
Unfortunately, when you receive the call, it’s difficult to tell if the caller is a legitimate contact tracer or a criminal using vishing techniques. Legitimate contact tracers are limited in what they can say due to privacy laws. I suggest two things.
- Assume that you have been exposed. Get tested if you can, and self-quarantine for 14 days.
- Assume that the caller is a criminal and be wary of any information you provide.
I wish there was a better way to know if the caller is not a criminal, but I don’t know how.
Text Message – Get Your Payment
Another COVID 19 scam is related to the payments being sent out to US citizens. Attackers have been sending text messages that indicate you need to take a short quiz before you can access your stimulus package.
No, you don’t.
The IRS will either send you the money (via direct deposit or a check) or they won’t. They certainly won’t send you text messages related to your payment.
If you want to check on the status of your check from the IRS related to the stimulus package, go to the IRS site: https://www.irs.gov/coronavirus/get-my-payment. Don’t click a link in a text.
If you don’t want to type the full URL into your browser, use your favorite search engine and search with the phrase:
irs get my payment.
COVID 19 Phishing by APTs
A joint alert (AA20-099A) from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) warned of some specific attacks related to COVID 19. Some of these were from cyber criminal groups and some were from advanced persistent threat (APT) groups.
These attacks continue to morph, but some known attacks and threats are:
- Phishing – Beware of emails with the subject of coronavirus or COVID-19. Some recent examples are “Coronavirus Update” and “2019-nCov: Coronavirus outbreak in your city (Emergency).” These are added as a lure to get you to open the email.
- Malware distribution – These phishing emails often include malicious attachments, tricking users into installing ransomware or other malware. They may also contain malicious links. If clicked, a link takes the user to a malicious site, which attempts a drive-by download.
- New domains – Attackers have purchased many new domain names containing words related to coronavirus or COVID-19. They are using these to lure victims.
- Remote worker attacks – Many employees are working from home. Organizations often had to rapidly deploy remote access solutions. Some of these solutions had (or still have) vulnerabilities that allow attackers to take over some user computers and download videos of meetings that are stored in the cloud.
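For IT staff who want to screen reported messages for the lures listed above, here is a small triage sketch. It is an added example, not code from the original post or from the alert; the TRUSTED allowlist, the function names, and the sample messages (all using reserved .example domains) are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Lure words drawn from the subjects and domain themes described in the list above.
LURE = re.compile(r"coronavirus|covid|2019-ncov", re.IGNORECASE)
# Assumption: a short allowlist of official domains; extend it for your organization.
TRUSTED = {"irs.gov", "cisa.gov", "cdc.gov"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def host_of(url):
    """Return the lowercase hostname of a URL ('' if it cannot be parsed)."""
    try:
        return (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:
        return ""


def is_trusted(host):
    """True only if host is a trusted domain or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in TRUSTED)


def triage(subject, body):
    """Return the reasons a message deserves a closer look (empty list if none)."""
    reasons = []
    if LURE.search(subject):
        reasons.append("lure-subject")
    for url in URL_RE.findall(body):
        host = host_of(url)
        if is_trusted(host):
            continue  # link really points at an official site
        if LURE.search(host):
            reasons.append(f"lure-domain:{host}")
        elif any(d in url.lower() for d in TRUSTED):
            # Names an official site somewhere in the link but does not point to it.
            reasons.append(f"lookalike:{host}")
    return reasons


# Constructed sample messages (subject, body); none are real traffic.
SAMPLES = [
    ("Coronavirus Update", "See the attached notice."),
    ("Your payment", "Take the quiz: http://irs.gov.get-my-payment.example/quiz"),
    ("Team lunch", "Map tracker at https://covid19-map.example/app"),
    ("Payment status", "Check https://www.irs.gov/coronavirus/get-my-payment"),
]

if __name__ == "__main__":
    for subject, body in SAMPLES:
        print(subject, "->", triage(subject, body) or "no flags")
```

A flag is a prompt for a person to look closer, not a verdict. The last sample shows why the check compares the link's actual hostname against the allowlist instead of searching the text for "irs.gov".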
COVID 19 SCAMS and Ransomware
Some scams attempt to install ransomware on your system. As an example, a malicious Android app claims to give you access to a COVID 19 map tracker. Instead, it installs CovidLock ransomware on your Android device, locking up contact and other data until the user pays a ransom.
Defending Against COVID 19 Scams
These criminals use common social engineering methods to entice users.
They do so because these methods continue to work on enough people that criminals keep getting richer. Criminals often take advantage of people’s curiosity and concern, and there’s a lot of both related to the COVID 19 pandemic.
CISA advises people to take the following precautions to avoid becoming a victim of these COVID 19 scams. If you’re an IT professional familiar with cybersecurity, these may be familiar to you. However, you might like to remind people in your sphere of influence of the scams and how to avoid them. After all, these scams continue because enough people are still being tricked.
- Avoid clicking on links in unsolicited emails and be wary of email attachments. See Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Scams for more information.
- Use trusted sources—such as legitimate, government websites—for up-to-date, fact-based information about COVID-19.
- Do not reveal personal or financial information in email, and do not respond to email solicitations for this information.
- Verify a charity’s authenticity before making donations. Review the Federal Trade Commission’s page on Charity Scams for more information.
- Review CISA Insights on Risk Management for COVID-19 for more information.
Feel free to pass this info on to people you know that may be tricked.