Taking advantage of any situation that presents itself, cybercriminals all over the world have been finding ways to capitalise on the current coronavirus pandemic. In recent weeks there have been numerous phishing scams related to the virus, from emails and messages to fake landing pages and malicious downloads. Find out what you should be looking out for, and how to protect yourself and your business from coronavirus scams.
How are cybercriminals exploiting COVID-19?
Aware that the prospect of contracting coronavirus has caused fear in many people, cybercriminals are taking advantage of this by sending out communications designed to exploit it. Paul Chichester, the Director of Operations at the National Cyber Security Centre (part of GCHQ), has remarked: “We know that cyber criminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the Coronavirus outbreak.”
Cybersecurity providers that look out for such activity have identified an influx of new website domains relating to COVID-19, since the outbreak gained worldwide traction. Many of these domains are believed to be suspicious or have been confirmed as malicious. Within the various scams that have been seen, cybercriminals have made false promises of ‘anti-coronavirus’ medication, protective equipment, more updates, and even funding requests for research and vaccinations.
Many of the recent scams relating to COVID-19 have taken the form of cybercriminals impersonating official governing bodies, from the UN’s World Health Organisation (WHO) to Her Majesty’s Revenue & Customs (HMRC). Some examples of coronavirus scams include:
The WHO Coronavirus Email Scam
Cybercriminals have fraudulently sent out emails claiming to be from the World Health Organisation. These emails claimed to contain guidance about new policies and ways to protect yourself against the virus; however, they contained either a malicious link within the text or an attachment, or asked readers to submit their personal information.
HMRC & City Council Text Message Scam
Cybercriminals have also been posing as HMRC and the City Council, sending out text messages to inform recipients of a tax refund, as a ‘goodwill gesture to provide assistance during the coronavirus outbreak’. The messages require the reader to click on a link in order to receive their refund, at which stage they will either release a virus or input their sensitive information, which will then be used for fraudulent purposes. This kind of scam is known as ‘smishing’ – phishing via SMS.
UK Government Website Scam
This scam involves the replication of the official gov.uk website. Cybercriminals have created a new domain and expertly designed a site that looks remarkably similar to the genuine gov.uk site. On this they ask users to input their personal information in order to receive ‘COVID-19’ relief; a supposed new NHS scheme.
UK Government Email Scam
There has also been an email sent by cybercriminals impersonating the UK government, again informing people that they are eligible to receive a tax refund. The email informs the reader that this new scheme has been introduced to provide financial assistance during the coronavirus outbreak and instructs them to click a link to ‘access their funds’.
Centres of Disease Control (CDC) Email Scam
Another email, in which cybercriminals pretend to be the CDC, taps directly into the public’s fears by informing them of a number of new cases in their area. It states that the risk where they live is particularly high and provides a link to ‘find out more information’.
How to detect a coronavirus scam
Looking at the various examples that have been seen so far, they each have particular tell-tale signs that should alert the recipient to the fact that they are not genuine. If you are on the receiving end of any of these, or any other unexpected digital communication regarding coronavirus, look out for the following:
• Errors in the wording. The language in many of the recent scams has been disjointed and incorrect; a clear sign that the communication is not from a genuine, official source.
• Poor spelling. Similarly, many cyber scams in general contain incorrect spelling. If there are mistakes, you’re likely looking at a phishing scam.
• Unusual URL. If the link you are asked to click, or the URL of the landing page you are directed to looks unusual, be extra vigilant and assess whether it might not be genuine.
• Differences compared to official communication. This might not be possible to spot in the case of emails and text messages, but if you are directed to a landing page such as on a gov.uk site, always compare it to other (gov.uk) site pages.
• The content itself. Think hard about the actual content of what you are reading. A real official organisation is unlikely to ask you to disclose sensitive information via text or email, and if a tax refund seems too good to be true, it probably is.
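The "Unusual URL" check above can be automated for links in an email or text message. The following is an added example, not part of the original article: the allowlist of official domains, the brand-word list, the function names and the sample message are all assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumed allowlist: domains of the bodies the article says are impersonated.
OFFICIAL_DOMAINS = ("gov.uk", "nhs.uk", "who.int", "cdc.gov")
# Assumed brand words that a lookalike hostname is likely to borrow.
BRAND_TOKENS = {"gov", "govuk", "hmrc", "nhs", "who", "cdc"}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def extract_links(message):
    """Return http(s) links found in a message, minus trailing punctuation."""
    return [m.rstrip(".,;:!?)") for m in URL_RE.findall(message)]


def classify(url):
    """Return 'official', 'lookalike', 'unrelated' or 'invalid' for one URL."""
    try:
        parts = urlsplit(url if "://" in url else "http://" + url)
    except ValueError:
        return "invalid"
    host = (parts.hostname or "").rstrip(".").lower()
    if not host:
        return "invalid"
    # user@host form: the text before '@' is not the site being visited.
    if parts.username is not None:
        return "lookalike"
    # Exact match or a true sub-domain only; "notgov.uk" must not pass.
    if any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS):
        return "official"
    # Official names reused as sub-domain labels or hyphenated words.
    if BRAND_TOKENS & set(re.split(r"[.\-]", host)):
        return "lookalike"
    return "unrelated"


def triage(message):
    return [(u, classify(u)) for u in extract_links(message)]


# Constructed sample text message (not a real scam sample).
SAMPLE = (
    "HMRC: you are due a goodwill tax refund. Claim at "
    "https://hmrc-refund.gov.uk.claims-portal.example/covid now. "
    "Guidance: https://www.gov.uk/coronavirus. "
    "Or log in: https://www.gov.uk@refunds.example/login"
)

if __name__ == "__main__":
    for url, verdict in triage(SAMPLE):
        print(f"{verdict:10} {url}")
```

A 'lookalike' verdict means the link borrows an official name without sitting on the official domain; an 'unrelated' verdict is not a statement that the link is safe.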
During this time of uncertainty, when everyone is having to adapt to a new way of life, looking out for phishing scams is likely to be far from a priority for any individual but, the sad fact is, cybercriminals are well aware of this. As a high proportion of businesses have had to ask staff to work from home, it’s never been more important to educate people on how to stay protected against cybercrime. Without proper vigilance, not only their data but that of the company they work for is at risk. To stay protected, business owners should consider ways in which they can educate staff about cybercrime. This could be with regular communication that details real examples, or some broad cyber awareness training.
Written by Dan May, Commercial Director at ramsac, providing secure, resilient IT management, cybersecurity, 24-hour support and IT strategy to growing businesses in London and the South East.