The COVID-19 pandemic has hit just about every continent of the world, with governments shutting down borders and economic activity across nations coming to a standstill. As people try to prevent the spread of the virus and adopt healthy lifestyle modifications, scammers have also been on the prowl, profiting off the desire for people to feel safe.
Scammers are Now Fronting as Health Agencies
In a new report, IT security company Sophos confirmed that it had discovered a wave of scams in which attackers convince their victims to send them Bitcoins under the pretense of being members of prominent health agencies. Chester Wisniewski, a principal research scientist at the firm, explained that they’ve been tracking hackers across the world in the wake of the virus, adding that the number of phishing emails from scammers has been on an alarming surge.
ESET security researcher @OndrashMachula found an email extortion campaign where the attacker demands Bitcoin or they will…. somehow infect the person's whole family with COVID-19 through the computer https://t.co/7ZJx8zaEiF pic.twitter.com/I5uCx4UV10
— alfred 🆖 (@alfredwkng) March 20, 2020
He explained that while the scams started with these phishing Emails where malicious documents were disguised as COVID-19-related materials, hackers have now evolved and are impersonating charitable bodies from the World Health Organization (WHO). The hackers have especially taken on the persona of the COVID-19 Solidarity Response Fund, and are now sending Emails that are identical to those of the fund itself.
He added that while the mails differ in terms of content and requests, they all still revolve around the virus. Some mails pitch Corona-proof masks, while others come with “how-to” videos that explain things like constructing a bunker and keeping your family safe during the crisis.
In good times and not so good times, scammers will always try to steal your money – beware of COVID-19 scams with this #scamalert regarding non-FDA approved test kits coming into the US:https://t.co/w8BD1iuCnQ#YonkersPD @CityofYonkers
— Yonkers Police HQ (@YonkersPD) March 20, 2020
Eventually, the point is to convince you to send Bitcoins to keep the “Fund’s” operation active.
“The tell-tale clue is the request for Bitcoin, rather than credit cards or other currency. Due to the ability to trace and stop real wire transfers and credit cards, criminals prefer to rely on cryptocurrencies to attempt to preserve their anonymity and freedom, and the Bitcoin payment request seen here is a sign that something isn’t right about this email.”
He further advised that anyone – regardless of whether they trust the government or not – should be vigilant and ensure they use only appropriate governmental websites for their information.
Security Threats are Everywhere Now
This isn’t the first time that a scam alert will be raised in the wake of the coronavirus outbreak. Last month, Sherrod Degrippo, the Senior Director of Threat Research and Detection at cybersecurity firm Proofpoint, pointed out in a post that hackers had been circulating conspiracy theories about the virus online, adding malicious links to products that they claim can connect any victims with a supposed miracle cure.
In the post, Degrippo explained that these hackers send Emails and claim to be from agencies like the WHO, Centers for Disease Control and Prevention (CDC), and even the Japanese government. Mails contain attachments of different formats, including videos, PDFs, and audio files, and MS Word documents.