At the surprise of no one in the cyber security industry, opportunistic cyber criminals have been taking advantage of the Covid-19 Pandemic. Today I’ll go over the different ways they have been doing this, and how you can protect yourself.

PHISHING WEBSITES

Increased Internet usage due to working from home handed cyber criminals their first opportunity – setting up phishing websites. The first type of these are fake Covid-19 stats websites. Take a look at the below image, for example.

Looks like the real thing, right? Sadly not. Instead, its a fake website which, if you click the download popup, starts tracking your browser activity and stealing your passwords.

Cyber criminals have also been setting up fake domains, exploiting the fact many people are having to download new software to help working from home. Domains have been set up which relate to Zoom, Microsoft Teams, Google Classroom and other popular software. These appear to look real however in fact will provide fake download links and pop ups which lead to malware being installed on victims PCs.

How to protect yourself against these types of attacks.

• Legitimate statistic sites will never give you pop ups, or offer downloads. If they do, leave the site.
• Keep sure you are only downloading software from legitimate companies.
• Look out for misspelled domain names. Examples of this are googleclassroom where the domain name was changed to googieclassroom and googloclassroom.
• Search the site on https://www.virustotal.com/gui/home to check if it has already been reported as malicious

PHISHING EMAILS

Another way cyber criminals are targeting people during this time is using phishing emails. These are pretending to come from governments, medical institutions and legitimate companies, like the examples below.

Phishing emails during this time are taking advantage of certain things which you can keep an eye out for. Examples of these are emails :

• From governments, councils etc telling users to click for help or information
• Offering masks, hand sanitiser and protective gear
• Health organisations offering advice
• Employers asking for forms to be filled out by employees working at home
• Companies with updates on their policies

Cyber criminals are using these emails to deliver different malware types and steal user credentials. You can use the below and above information to know the key signs to look out for. If you do receive any malicious or potentially malicious emails

How to protect yourself against phishing emails :

• If an email mentions “Act now”, “Don’t wait” or “Reply now” be careful. Cyber criminals prey on fear, most legitimate emails will not mention this.
• Generic greetings like “Dear Sir/Miss” and the like are commonly used in phishing emails, look out for this.
• Simple grammar and spelling errors won’t be seen in legitimate emails.
• Check any links in the email by hovering over them. If the URL does not appear to relate the company sending the email, this is another red flag.
• Be suspect of any emails relating to Covid-19 or coronavirus from senders you have never received emails from before.

SMISHING (Phishing via SMS)

Smishing (Phishing via SMS) has also been used by cyber criminals to exploit the current circumstances.

SMSs appearing to be sent from the government (like above) get users to click by installing fear into people. To make these appear more legitimate, a method called “Spoofing” can be used which makes the fake messages appear next to legitimate messages. Examples have also been seen where people have been sent fake SMS’ from banks as well.

If you receive any SMS during this time which talk about coronavirus, be very careful as they are likely to be fake; and trying to steal information or bank details. Instead, directly call your bank, government etc to check if the information you have been sent is true.

Stay safe during these times, including online. If you receive any emails or SMS including coronavirus, always be sceptical of them. If you need to check the statistics of the ongoing pandemic, check out https://coronavirus.jhu.edu/. If you need to download any software, ensure it is from a legitimate source.

I am releasing a newsletter soon which will be released every weekend giving an update on cybersecurity. Sign up to it here – https://blueteamblog.com/newsletter