7th April 2020
Scandalous though it may sound, cyber-criminals are using the coronavirus crisis to prey on unsuspecting individuals.
Security experts have said they have seen an increase in email scams over the last few weeks, as if the world pandemic wasn’t bad enough in itself.
We’re drawing these to your attention not to scare you but to raise awareness and encourage you to be on your guard. Here are 5 in particular to watch out for:
Click for a cure
This follows the classic technique of tapping into everyone’s deepest wish. People who have clicked on the link, in search of a cure, have had all their personal details stolen. Although the email purports to be from a doctor who claims to have details about a vaccine, the attached document just takes the recipient to a spoof webpage to collect login details.
The best way to check where a link will take you is to hover your mouse cursor over it. This will reveal the true web address. If it looks suspicious, don’t click it.
Covid-19 tax refund
This email looks like it comes from HMRC and states that you are eligible for a tax refund. Who wouldn’t be tempted to click on that?!
But if you do press the “Access your funds now” link it takes you to a fake government web page and encourages you to put in all your financial and tax information.
HMRC would never contact you in this way about a potential refund. The head of e-crime at Mimecast says, “Do not respond to any electronic communication in relation to monies via email. And certainly do not click on any links in any related message.”
The virus is now airborne
Designed to look like it’s from the Centre for Disease Control and Prevention (CDC), this email’s subject line reads, “Covid-19 – now airborne, increased community transmission.” It uses one of the organisation’s legitimate email addresses but is sent via a spoofing tool. By directing you to a fake microsoft page and asking you to enter your details, the hackers can get control of your email account.
The scams are effective not only because the forgery looks highly plausible but because the perpetrators know that everyone is feeling under considerable stress.
Two-factor authentication is one way to protect yourself so that you have to enter a code texted to you to access your email account.
A little measure that saves
Purporting to be from the World Health Organisation (WHO), this scam claims that the attached document contains details of how you can prevent the disease’s spread. In fact, it will just infect your computer with malicious software which records every keystroke so that the hackers can monitor your every move online.
Ignore any emails that claim to be from the WHO as they’re highly likely to be fake. Instead, visit their official website or look at their social media channels for the most up-to-date advice.
Donate to the fight
The last example alleges it is from the Centre for Disease Control and Prevention and asks for donations in Bitcoin to help develop a vaccine. Although it may sound preposterous, the email address and signature evidently look convincing.
The security experts, Kaspersky, say they have discovered 513 files with coronavirus in their title which contain malware. Sadly, just as the real virus continues to spread, so too are these fake emails.
The golden rule is that if you’re not sure about something or know that a particular organisation wouldn’t normally contact you by email, don’t click on any attachment. If you’re in any doubt about whether something is genuine, do ask a friend or family member.