It all starts with an innocent click.
As the new coronavirus that emerged in China spreads around the world, hackers use fear and confusion to expand computer viruses in increasingly sophisticated ways.
The BBC has been tracking some of the scams Phishing email reported by cybersecurity organizations since the outbreak of the new coronavirus jumped to the front pages.
Hundreds of different criminal campaigns have been detected that have sent millions of fake emails.
The fraud of extortion on your friend’s girlfriend whose real victim can end up being you
It is not new that campaigns Phishing But information security experts say the increase in attacks related to covid-19, the disease that causes the new coronavirus, is the worst seen in years.
Cybercriminals are using English, French, Italian, Japanese and Turkish to target potential victims, both individuals and industries including transportation, medical care, insurers, hotels, catering and Manufacturing.
It’s impossible to say what the true scale of the email epidemic is, but here are some of the most convincing and how to detect them.
“Click here for coronavirus cure”
Proofpoint researchers first noticed in February a strange email that reached its customers.
It is a message from a mysterious doctor who claims to have a document with details about a coronavirus vaccine that is being covered up by the governments of China and the United Kingdom.
Those who believe they are going to find a cure in this mail risk having their personal data stolen. Proofpoint says that curious recipients who click on the document are taken to what looks like a normal and reliable Docusign page, but it is actually a website created by the criminals themselves to get their login details.
Once they get the username and password, they take over your documents, plus they get access to any other site that uses the same email and password.
Proofpoint says emails are sent in batches of 200,000 at a time.
Sherrod DeGrippo, of this company’s threat detection and research team, said, “We’ve seen over 35 consecutive days of malicious email campaigns about coronavirus and many use fear to convince victims to click.”
“It started with one campaign a day and is now three to four a day. With this increase in volume, it is obvious that these campaigns are generating dividends for cybercriminals.”
The best way to see where a link will take you is to hover over it, where the real URL tag will appear. If it looks suspicious, don’t click.
“WHO: this tip can save you”
Hackers have posed as the World Health Organization (WHO) since the early days of the outbreak, a particularly reprehensible strategy.
Analysts say that victims who download the attached archive do not receive any useful advice and instead their computers are infected by a Malware called AgentTesla Keylogger.
Many frauds are posing as WHO or WHO in English. Proofpoint says that once installed, this Malware It will record all keystrokes and send it to attackers, a tactic that can give online access to bank and financial accounts.
To avoid this scam, ignore emails purportedly from WHO as they are likely to be fake and instead visit the institution’s official website or social media channels for their latest tips.
“Now the virus is in the air”
This campaign Phishing not only is it eye-catching, but it induces fear.
The issue says “covid-19: now in the air, increased community transmission” and is also designed to resemble an email from the Center for Disease Control and Prevention (CDC), the U.S. agency in charge of the health area, with a false address that is very convincing.
Fear and panic are being used as weapons, according to experts. Cofense, who first detected the scam, describes it as an example of hackers “turning fear and panic into weapons.”
Analysts say the link directs victims to a fake Microsoft login page where they are encouraged to enter an email and password. Once they do, they are redirected to the CDC’s real council page, which makes it seem even more legitimate.
Of course, by the time you get there, the fraudsters already have what they need from your email account to rant it out whenever they want.
Cofense researchers said: “Despite the bizarre capital letters of a few words in the email, it is a pretty good forgery that, when combined with the high stress situation it presents, can make most users ignore those details and click on the link immediately.”
“CDC: Help us fight the virus, donate here”
CDC is not asking for donations in bitcoins. In addition to WHO, the CDC is being supplanted in dozens of Phishing Different.
This one has an almost comical approach and was reported to experts in Malware Kaspersky. It is a fake email from the CDC that solicits donations to help develop a vaccine, but they ask for payments in the bitcoin cryptocurrency.
Useful tricks and tools if you have to work from home because of the crisis of the new coronavirus
The premise is, of course, ridiculous, but the address seems very convincing as does the design of the email. The scammers even created a fake CDC website for the scam.
Kaspersky also says that its Software antivirus has detected malicious files called “coronavirus” almost 3,000 times.
David Emm, senior security researcher, says “the numbers have increased significantly.”
“However, what we are seeing is still quite small and we expect the numbers to grow, of course, as the virus continues to spread.”
