SECURITY experts claim to have seen an alarming spike in the number of email scams linked to coronavirus.
According to the BBC, criminals have been targeting both individuals and industries with phishing emails written in a range of languages.
Several fake “diagnosis” scams and hoaxes are doing the rounds online.
Instagram has already banned rogue coronavirus filters that claim to “diagnose” your condition.
And any tools that promise to test you for coronavirus online should not be trusted.
Police departments have already warned to look out for rogue firms promising to diagnose coronavirus over the internet.
Fake tax refund
This scam was flagged a few weeks ago by researchers at cyber-security firm Mimecast.
When they first detected it they saw over 200 examples in one hour.
The scam email is supposed to look like its from the UK government and encourages users to click on a fake link and input their financial information.
People who click on the link won’t be receiving a tax refund but most likely malware on their computer and their private details stolen.
False WHO measures
This scam plays on people’s trust of the World Health Organization (WHO) by pretending to send details from it.
Recipients are urged to open a document that supposedly contains information about how to stay safe.
However Proofpoint found that the attachment actually uploads malicious software to computers.
The malware is said to be able to monitor the victims every move online and provide this information to the criminals.
Hoax donation pages
Malware experts Kaspersky received reports about this fake email asking for bitcoin donations to help tackle the coronavirus.
The convincing looking email can upload malware onto your computer if you click the link.
False claims about airborne virus
This scam aims to make recipients feel more scared by claiming the rates of transmission of coronavirus will increase.
It’s supposed to look like it’s from the Centres for Disease Control and Prevention (CDC) and even uses the correct email address but has been sent via a spoofing tool.
Cofense, the cyber-defence provider, says this scam weaponises fear and panic.
It takes you to a fake login page where you will be encouraged to enter your email and password.
Two factor authentication can help protect you when it comes to scams like this.
Click for a cure claim
Cyber security experts at Proofpoint noticed this scam starting back in February.
The email is written as if its from a doctor with details about a coronavirus vaccine coverup by the Chinese and UK governments.
If you click on the attached document which claims to contain important details then you’ll be led to a fake website were your details may be stolen.
Up to 200,000 of these emails are thought to be sent at one time.
Fake coronavirus maps
Cyber-criminals have also been caught circulating fake map graphics pretending to show where coronavirus cases are.
The maps are being circulated via social media or emails and are found within links that can upload malware once opened.
Some of this malware is reportedly the kind that can steal data like banking information and login details.
Ilia Kolochenko, Founder & CEO of web security company ImmuniWeb, Master of Legal Studies (WASHU) & MS Criminal Justice and Cybercrime Investigation (BU), said:
“Coronavirus is a formidable and fairly unprecedented opportunity to trick panicking people amid the global havoc and mayhem.
“In light of the spiralling uncertainty and fake news, even experienced cybersecurity professionals may get scammed by a well-crafted phishing email allegedly coming from a national health authority and involving his or her family or workplace.
“The more emotions and personal matters the attackers leverage, the more successful their campaigns will likely be.
“The human factor remains the most burdensome to mitigate by technical means among the wide spectrum of organizational cyber risks, and the COVID-19 connection makes victims particularly susceptible to thoughtless actions.
“Organizations should urgently consider implement and promulgate a clear, centralized and consistent internal process to communicate all the events and precautions related to the coronavirus pandemic.
“Corporate cybersecurity and security awareness should constitute an invaluable part of such communications, as cybercriminals are profiteering from obscurity and uncertainty.”
What is phishing?
Here’s what you need to know…
- Phishing is a type of online fraud
- It’s typically an attempt to nab some of your data
- Phishing generally involves scammers posing as a trustworthy entity
- For instance, fraudsters could send you an email claiming to be your bank, asking for details
- Scammers can also set up fake websites that look like real ones, simply to hoodwink you
- Phishing can take place over email, social media, texts, phone calls and more
- The best defence against phishing is to be generally sceptical of weblinks and emails, especially if they were unsolicited
In other news, a scam coronavirus email has been hitting inboxes in Italy.
More than a billion Android phones and tablets are at risk of being hacked.
And, invitations to hundreds of thousands of supposedly private WhatsApp chats have been published online.
Have you been affected by any of the scams above? Let us know in the comments…
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at firstname.lastname@example.org