How to Spot COVID-19 Themed Cybersecurity Threats
On Friday, The Federal Bureau of Investigation (FBI) released a public service announcement warning against coronavirus (COVID-19) fraud schemes and detailing how scammers are taking advantage of this unprecedented pandemic.
The malicious actors are launching phishing attacks and spreading malware. Let’s take a look at each and what we can do to keep ourselves safe:
Attackers are engaging in phishing by sending emails claiming to be from the Centers for Disease Control (CDC) or the World Health Organization (WHO) offering information about the precautions one should take in order to avoid contracting the coronavirus.
The emails typically contain a call to action such as opening a document or clicking a link to get more information.
Do not click these links. Do not download or open the files.
The CDC and WHO will always post the latest information on their websites:
If you suspect that a message may be a phishing attack, there are a few things you can check for in order to reduce the likelihood of falling victim to one of these phishing attacks:
- Do not download any files
- Do not click any links
- Check the sender’s address
- Look for spelling and grammar mistakes
- Were you expecting this message?
We have also seen both independent criminal groups as well as nation-states attempting to take advantage of this pandemic in order to spread malware.
One of the first APTs (advanced persistent threats) was spotted by Cisco Talos, which detailed how the group behind the Emotet malware was using malicious Microsoft Office documents and spreadsheets. They also noted that one reason this attack has been successful is due to the large amount of coronavirus-related email that contains attachments.
The scammers also managed to take advantage of the coronavirus tracker being put out by Johns Hopkins University. This attack was so prevalent that JHU actually had to release a statement clarifying that their map did not spread malware to visitors.
In addition, Malwarebytes has detailed how APT36 is engaging in spreading malware that can capture screenshots, transfer files and list files on an infected device. In order to protect yourself against malware, make sure you are running up-to-date anti-malware software and avoid untrusted links and untrusted files.
Name: Nikolas Behar
Company: University of San Diego