Cybercriminals are piggybacking on coronavirus-related information and “fearware” to disperse malware and orchestrate online scams!

The worse is just beginning, though, as we are now seeing malicious actors follow the headlines and jump on the bandwagon. This time, they are piggybacking on coronavirus-related information and “fearware” to燿isperse malware燼nd orchestrate online scams.

This article will provide you information regarding the cybercrime implicated of the 2019 Novel Coronavirus, along with methods to safeguard your digital life and ylaoji.orgour organizations:

Cybercriminals are leaving no opportunity to cash-in on the panic surrounding coronavirus. They are executing social engineering scams with one main goal: wheedle out money or sensitive information. Some of the most massive coronavirus-themed phishing campaigns include:

Malefactors are sending phony emails impersonating燙DC爋fficials to notify recipients about new reports of contamination in their area as part of a new incident management system. This scam baits users into clicking on a malicious link that harvests the targets’ sensitive credentials.

https://www.eci.com/blog/images/COVID-19-2.png

Ongoing scam waves include cybercrooks sending bogus emails disguised as official advisories from WHO, who have clarified this about on their爌age. The lure is an embedded button labeled “Safety Measures,” which then forwards the recipient to a fabricated email verification page.

Intelligence researchers at Malwarebytes recently identified a燾lever ploy, wherein cyberattackers used a variant of the AZORult malware in coronavirus maps to steal user data. Crooks are also duping users by booby-trapping email attachments, listing sketchy resources, and other techniques.

Perhaps one of the most famous info-stealer, the Lokibot, also follows the footsteps of other爌hishing scams, leveraging the COVID-19 scare to deposit malicious payload via rogue emails disguised as an emergency regulation issued by the Ministry of Health in China.

The FormBook info-stealer also follows the same phishing principle by sending bogus emails, providing the latest updates on coronavirus disease outbreak on燽ehalf of WHO. These emails include a ZIP attachment containing a malicious binary called MyHealth.exe.

The notorious Emotet also makes a comeback with a coronavirus-themed spamming campaign by creating deceptive emails warning recipients about infections in different regions of Japan, including Tottori, Gifu, and Osaka. To learn more, users are asked to open the Word file, loaded with malware.

Abbreviated as “RAT,” the燫emcos爌hishing fraud made its first appearance in August 2019, with its operators now adding a coronavirus twist. Analysts as a security firm came across a Remcos RAT payload camouflaged as an executable file named “CoronaVirusSafetyMeasures_pdf.exe.”

Be extremely cautious of accessing any Coronavirus-information related website, excluding official resources like the CDC and WHO. Make sure you enter the web address yourself, and do not click on any link from emails or open attached files.

Bear in mind if anyone messages trying to pressure you into accessing some website or download a file urgently, it is a clear sign of a scam. So, do what I do and follow爐hese tips爁rom the U.S. Federal Trade Commission (FTC):

For an extra layer of protection against malware distribution campaigns using the coronavirus fearware, be sure to invest in a reliable application that detects suspicious payloads. Also, make sure to follow stronger protocols of security to prevent falling victim to any of the above scams!

ABOUT THE AUTHOR

A tech consultant at牋expert whose main aim is to spread more knowledge about why you need to be careful in the digital world. Bruce covers all topics related to燰PNs, internet security, and leveraging privacy online to explore a freer digital world.