Scams for viruses: The special conditions it has caused around the world coronavirus pandemic are being exploited by cybercriminals, as ESET warns.
Global concern, vulnerable groups at high risk, excessive demand for goods that are no longer in stock and misinformation on social media - all of this equates to a huge opportunity for cybercriminals.
ESET researchers have compiled some of the most common forms of fraud and analyzed them, drawing the attention of users.
Malicious news. Scammers pretend to send important information from reputable agencies, such as P.O.Y. (Fig.1) or by reputable journalistic organizations, such as the Wall Street Journal (Fig.2), with the aim of tricking potential victims into click to malicious links. Typically, such links (Scams) can install malware, steal personal information, or attempt to extract login credentials and passwords.
Exploitation of charity. In this form of scam, cybercriminals try to convince the victim to help fund a vaccine for children in China. As there is currently no vaccine, users eventually end up sending bitcoin in the wallets of fraudsters. The technique is only effective in a very small percentage of users, but it becomes respectable if you consider that it is done on a global scale.
Masks. In another type of scam, cybercriminals send spam emails (Fig.3) to trick victims into ordering masks that will keep them safe from the coronavirus. In reality, victims end up unwittingly revealing sensitive personal and financial information data. According to Sky News, fraudulent mask sellers ripped off £800.000 ($1 million) from users in the UK in February alone.
ESET advises users to be aware of these and related scams and to be extremely careful by applying the following guidelines:
• Avoid clicking links or downloading spam attachments / texts from unknown or even trusted sources unless you are absolutely certain that the message is genuine.
• Ignore communications that ask for your personal information. If you feel it is necessary to provide them, be sure to first verify the authenticity of the sender, using a different medium than the email itself (eg. search on the Internet).
• Be especially wary of emails marked "urgent" or "attention" that urge you to take immediate action or offer vaccines or treatments for COVID-19.
Beware of charitable campaigns or crowdfunding campaigns that may be fraudulent.
• Use reliable software with multiple levels of security, which has protection against phishing.