Coronavirus: Remain On High Alert For Scams & Disinformation
Find out how cyberattackers have been using coronavirus as a scam and how to protect your device.
As we’ve crossed into the month of April, the count of patients infected with coronavirus continues to grow at a sobering pace, and shows no signs of slowing anytime soon. At the same time, people are trying to adjust to the “new normal” of sustained social distancing.
A Perfect Storm For Scams and Disinformation
The behavioral and psychological changes required to make social distancing work are significant: everything from sharing a home or apartment for an entire day (and with more people, especially if you have kids), to figuring out how to go to the grocery store and shop safely. The combination of emotional, physical, and psychological stressors, combined with significantly increased internet and email “screen-time” for most people, has created a kind of perfect storm for online scams, con-artists, and disinformation. Another powerful factor driving this storm is curiosity: people are extremely hungry to hear news, and hopeful / practical news in particular. Scammers have stepped into make the most of these factors, and as Emilio Simoni, Research Director at the dfndr Lab explains: “What we’re seeing is cybercriminals redoubling their efforts to create more, increasingly sophisticated scams, in order to reap profit from baseless, sensational ads or news — or through thefts of personal and financial data. The information they offer is almost invariably false, and sometimes the information itself is immediately dangerous to victims who act on it.”
No Slowing Down: Scammers Are Busier Than Ever!
The pace and inventiveness of coronavirus scams appears to be picking up. Emilio Simoni and the dfndr Lab Security Team have gathered the following examples together. Note that these items by no means constitute a complete list of scams in operation. We share these with you so you can get a richer sense of the variety of these scams, and the methods they employ.
A multilingual scam using the Nike brand name was discovered by the dfndr Lab Security Team (see image above). The scammers used geolocation to adapt the language used to the victims: it showed messages in Portuguese, English, or Spanish, depending on the visitor’s locale. Some generic questions were used to draw people in, and after they were drawn in they were automatically redirected to another domain, full of ads. It was through impressions of these ads that the cybercriminals reaped their profits.
Emilio also notes that “Cyberattacks are becoming more and more sophisticated. One of the most popular scams leveraging the pandemic is the one that falsely promoted a free 1-year subscription for Netflix. The cybercriminals study how official companies and websites offer promotions and sales, then mimic their approach, which can help to create a extremely convincing page.” You can see the example Emilio cites, immediately above.
The dfndr Lab Security Team has also discovered cyberattacks connected to fake profiles on Facebook, also known as bots. These bots are especially prevalent in Facebook Private Groups. Of 3 bots discovered and analyzed by the dfndr Lab, one had engaged more than 10k interactions. These bots used intelligent techniques to persuade the victims, “talking” through pre-recorded messages that request personal information. The most common themes used by these bots to attract new victims were 1) registration to receive the government social security benefits, and 2) offering a map to check the coronavirus spread around the world. The dfndr Lab also notes that many scams in the US are being disseminated through Facebook Messenger. So be careful!
Paypal phishing attacks have also grown exponentially since the beginning of the pandemic. Dfndr lab stipulates that during the month of March, scam emails fraudulently claiming to be from PayPal, and seeking private information, reached over 1.4k users in the US alone.
With people all over the world sheltering in place, virtual meeting providers Zoom, has been in high demand. The dfndr Lab detected 4 fake domains using their name. The URLs were hiding trojans that could act in different ways: seeming to install the Zoom app, but redirecting victims to another website full of ads, and rapidly consuming your phone battery.
What Can You Do?
This is a story that will continue to move fast, so the examples above will be joined by new and different examples by time you read this. As Emilio Simoni pointed out, hackers all over the world are in HIGH PRODUCTION mode during this crisis. They’re going to keep inventing new and more devious ways to get information, and steal from you.
You need to protect yourself. So make sure you’re using a security solution that’s built to alert you immediately when you access a scam site, or interact with a known digital virus “carrier.” dfndr Security has an excellent Anti-Hacking feature you can activate.
If you upgrade to the dfndr Pro version, you’ll get the added benefit of a Safe App Installer (which warns you if an app you’re about to install may be a vector for malware). It also offers Identity Theft Protection to keep your email safe as well.
Consider Going Pro
One of the best ways to protect yourself right now is to upgrade your dfndr app (if you haven’t already) to dfndr Pro. Pro gives you these added protections:
Unlimited Identity Theft Reports: You can check if any of your account credentials have been leaked on the internet.
Anti-theft protection: In case of theft or loss, you can lock down your device remotely, find the phone on a map; or, activate a loud alarm to find it nearby. You can also get a picture of the thief, and wipe the phone of your personal data.
Safe App Installer: You’ll know if an app has previously had data breaches before installing.
App Privacy Scan: You can locate on a map where your app data is going and how it might be used by third-parties.
Ads free version: Totally ad-free
Everyday Digital Hygiene Matters Now Too
Just as avoiding coronavirus requires that you keep your hands clean (and keep them away from you face!) — digital hygiene is achieved through simple steps as well. Now’s a time to make doubly sure that you:
- NEVER click on links sent to you from unknown people.
- Look very closely at emails: If the source looks or sounds like someone you know but the name or email address seems even slightly off…stay away! Leveraging contact and friend information is one of the most common paths for scammers to load malware or get your private information.
- Only download or install software from trusted sources. Make sure you double check url’s! The Anti-Hacking feature on dfndr will protect you from malware and known hacking sites.
- Use reliable sources, such as legitimate government websites, to get real, fact-checked stories and information on COVID-19. Be aware that scammers will be pulling at you emotionally. This is a hard time for everyone, but do everything you can to stay cool and grounded: your ability to “count to three” before clicking or responding to a link or headline is more important now than ever.
We’re going to keep working to keep you informed and up to date. Until next time, we hope you and yours can stay safe and stay well!