by Paul Ducklin It’s not like cybercriminals to take advantage of a world event… and this is a rather large world event. Since COVID-19 hit the head
It’s not like cybercriminals to take advantage of a world event… and this is a rather large world event.
Since COVID-19 hit the headlines, we’ve covered a selection of coronavirus-related scams, phishing attacks and malware campaigns in which crooks have adapted existing sextortion emails, mobile malware and password stealing tricks to exploit people’s fear and uncertainty.
And measurements from SophosLabs show that the ones we’ve published as specific examples are just a few of many cyberscams that refer to
To help you stay on top of it all, SophosLabs plus our data science and threat response teams have created a “living article” where you can quickly access regularly updated information about the expanding “cybercorona” threat, including:
- An industry discussion channel of the latest threat intelligence.
- A Github repository of indicators of compromise (IoCs).
- Updated statistics on the volume of pandemic-related cybercriminality.
What to do?
Remember that not every cybercriminal is jumping on the coronavirus scamming wagon – in fact, we’re willing to bet that there are crooks focusing on crimes such as stealing PayPal accounts and hitting you with fake technical support calls who are rubbing their hands in glee right now.
Their glee comes from the prospect of people getting so distracted by the much more visible and widely-reported pandemic scams that they no longer have enough time to be vigilant against all the other scams that have been joined by the new-look attacks.
(The old-school scammers and the “new tricks” crooks are often the same people, of course, burning the cybercriminal candle at both ends, as it were.)
So the bad news is that you have to watch out for a plethora of new coronavirus cyberscams, as well as all the old stuff, too.
That’s where our “living report” article comes in handy, so you don’t have to spend ages hunting down the latest coronaclasms yourself!
Four quick tips:
- Don’t login to company websites via emails or texts. If a company wants or needs you to login to your account, you should already know how to access your account from the company’s own site or app. Even if it takes a few more clicks, it’s time well saved because you will automatically miss out on “logins” that could compromise your security.
- Don’t make payments via links in emails or texts. This is point 1 in a different guise. If you need to pay a company online, reach the payment page by following your own research, or using a link from a document you already have such as a contract or a recent bill. Don’t get begged, cajoled or frightened into taking exactly the “short cut” the crooks want.
- Don’t turn off security features because a document tells you to. Avoid opening unexpected or unsolicited email attachments if you can (and if you do, don’t click links in those documents – see 1 and 2). If a document asks you to
[Enable content]when you open it, or make some other security downgrade, don’t do it – it’s a trick.
- Don’t trust apps because the app creator tells you to. App reviews, positive app comments and high download counts are cheap to buy if you have no scruples. Reputation must be earned – it can’t be bought or self-declared. If in doubt, ask someone you know and trust for advice.