Coronavirus Contagion Spreading to Computers via Illness-based Phishing Scams

Tego Cyber CEO, Shannon Wilkinson, spoke with Tiana Bohner of KVVU FOX5 earlier this month to inform viewers of phishing emails which appear to be sent from major health organizations under the guise of updates about the spreading epidemic in their area.

The novel Coronavirus is believed to have originated in Wuhan Province, China and is believed to have come from diseased animals being sold at a local food market in the town. Dry cough, fever, and problems with breathing are among the common symptoms; severe cases, however, consist of viral pneumonia which is the major indicator to get oneself to the hospital immediately, as this symptom has been common among those who have succumbed to the illness. While a clinical trial is currently taking place in Nebraska to try and find a potential treatment for this disease, there is no firm end to the disease in sight.

Due to the fear that this induces in the public, people are desperate for updates related to any progress on finding a cure or to see whether or not the disease has reached their town. Malicious individuals on the Internet are aware of this fact and have decided to take advantage of the public panic, summarized perfectly in a quote by Shannon Wilkinson below.

"Anytime there is a national disaster or a health epidemic, cybercriminals take advantage of people's interest and the scare behind it"

- Shannon Wilkinson, Tego CEO for KVVU FOX5 News

Cybercriminals are pretending to be organizations such as the World Health Organization (WHO) and the Centers for Disease Control (CDC) and they have found ways to come across as more convincing than ever before.

One such scam consists of cybercriminals asking for your personal information such as address or location in order to gain access to information about the Coronavirus in your area -- when in reality the cybercriminals are simply stealing your sensitive information. Another phishing email presents itself as being from the CDC asking for donations in Bitcoin to help those who are affected by the Coronavirus. In reality, the CDC does not request or accept donations in Bitcoin form.

In one campaign, victims were directed to a webpage which looks similar to the WHO website, but prompted users to enter a username and password to validate their identities. Cybercriminals then took this information and were able to access victim accounts.

The CDC and WHO have advice on how to avoid the virus itself including frequently and thoroughly washing your hands, avoiding travel where possible, and paying attention to any developing symptoms and reporting to doctors immediately if you believe you may be infected. These are important steps to avoid infection. To avoid cybercriminals attempting to capitalize on the public fear of this outbreak, be sure to do the following:

• Check the address of the sender of suspicious emails. Cybercriminals are getting smarter and smarter and it is getting harder to detect a phishy email simply from the content of the email being riddled with misspelled words, which has always been a big indicator of malicious emails -- hackers have been hiring copywriters to check their emails for grammatical errors before sending them out to appear legitimate. Because of this, checking the sender address is essential as this is where cybercriminals will struggle the most in trying to cover their identities. The Bitcoin scam email which pretended to be from the CDC was sent from cdc-gov.com -- this is just one example of an Achilles' heel in these criminals' attempts to dupe us.
• Don't click on the link in the email. Instead of clicking a link from a suspicious sender, rather go to your browser and search what you know to be the correct website to see if they do have any legitimate new updates.
• If you have already given your personal information to a scammer, change your passwords now. Some people may have already fallen victim to the cybercriminals' will -- if you gave your information to the false health organization emails, change your passwords now to avoid further risk. For all accounts, utilize mutli-factor authentication to further prevent hackers who may have your information from accessing your vital accounts.

Image from John's Hopkins University