Imagine having your phone access locked and held for ransom!
Coronavirus is no longer only a risk to your family’s health—it’s now a risk to your technology’s health, too.
Cybercriminals are using the COVID-19 pandemic to take advantage of people. These criminals tailor their attacks by using malicious global maps, Android ransomware, and spear-phishing campaigns.
Malicious Coronavirus Maps
This attack tricks you by showing a legitimate map of the spread of COVID-19 and convinces you to download malicious applications — all while compromising your computer in the background.
The malware collects information like cookies, browsing histories, user IDs, passwords, and even cryptocurrency keys. By stealing this data, cybercriminals can easily steal credit card numbers, login credentials and much more sensitive information.
Often, the malware is embedded in small files called Corona-virus-Map.com.exe (“.exe” means executable file – very common in malware attacks). Double-clicking the file opens a window that shows a “map of infections” as the one hosted legitimately by Johns Hopkins University to track reported cases in real-time.
Make sure you have a quality malware protection system in place. This malware is challenging enough to detect manually—let alone remove without a robust software tool — so be cautious about downloading or running files, especially .exe type files.
Android Ransomware
Another type of attack tricks people into using an Android app that appears to help track coronavirus cases. Instead, it locks your phone and demands a ransom to give back your access!
This ransomware, CovidLock, changes your phone’s password (or adds one if there was no password) and locks you out. Then they give you 48 hours to pay $100 in bitcoin.
To make things worse, the ransomware also threatens to delete your contacts, videos, photos, and memory and leak your social networking accounts. The ransomware note reads: “Your GPS is watched and your location is known. If you try anything stupid your phone will be automatically erased.”
Fortunately, a cybersecurity company called DomainTools has successfully reverse-engineered this ransomware’s decryption keys and will publically post it.
Spear-Phishing Campaigns
In a more traditional but just as effective attack, cybercriminals deliver malware by sending emails that seem to be from health authorities. While cyberattackers have spent weeks emailing COVID-19-related lures, they’re beginning to tailor their emails to better scam victims.
Some lures borrow branding from nation-specific health authorities, such as the U.S. State Department and the Centers for Disease Control and Prevention (CDC). In Iran, where nearly 2,000 people have died due to the virus, reports have surfaced of government-sponsored hackers using COVID-19-themed messages for spreading spyware.
In the past two months, campaign victims have primarily been in the U.S., Iran, Italy, and Ukraine. Still, some schemes have targeted Mexico, Brazil, and Spain—all of which have confirmed coronavirus cases within their borders. Even a Czechian hospital had to shut down its IT systems due to coronavirus-related malicious emails.
Some examples of malicious lures/attachments include messages such as:
Due to the news of the Corona-virus disease (COVID-19), we are changing banks and sending payments directly to our factory for payments, so please let me know total payment ready to be made so i can forward you our updated payment information. Kind regards.
Others claim to have “information about safety measures and existing cases in your city,” as a way of baiting users.
Assessing the threat
When assessing coronavirus-related emails, ask yourself a few questions:
- Did I sign up to receive alerts?
- Is this email trying a little too hard to bait me into clicking links or opening attachments?
- Are there any misspelled words? Is the brand/logo just “off?”
- Is the URL in a link just a string of random letters or numbers when I hover over it?
If anything seems suspicious in a coronavirus-related email, you should proceed with caution.
Don’t Panic
Most likely, cyberattacks will become more prevalent as the coronavirus spreads. And they’ll do so by using people’s fear against them. Just remember to follow the same advice you’ve heard when it comes to the coronavirus—don’t panic and take the right precautions to protect you and your loved ones.