Covid-19 Coronavirus Scams continue to proliferate but the worst part is they are not just coming from what seems to be low-budget hackers. Nation-states are in on the game as well:
According to a recent Forbes article:
In late February and early March, FireEye suspected a group of Chinese hackers had sent malware-laden documents to targets in Vietnam, the Philippines and Taiwan. The documents included legitimate statements by political leaders and advice from official sources, but hidden underneath was data-slurping spyware. As reported by Forbes Thursday, a Chinese hacking crew has been linked to coronavirus-led attacks on Mongolians.
FireEye also reported that an espionage group called TEMP.Armageddon, which “acts in support of Russian interests,” sent a spear phishing email with a malicious, coronavirus-themed document to Ukrainians. And the company’s researchers said they’d seen South Korea NGO targeted with a Korean-language lure entitled “Coronavirus Correspondence.” Though they’re still probing the attack, the analysts have already noted some similarities to previously-seen North Korean hacks.
In addition, there are many domain names that have been registered by hackers which could look like legitimate information sites. Examples include:
Workers need to be warned not to click on any correspondence that they are unfamiliar with – especially at a time like this when a person’s fear could be used against them.
An email titled “Coronavirus cases in your area” or something else which is of interest to them could be all it takes to pique their interest. They would be more likely to click on the link and get their computer infected. This infection could then spread through your network. Even if they use a secure VPN, they could have a key-logger installed on their machine which effectively scrapes user names and passwords. This information can be used to access network services, banking information, etc.
Please be sure your workers are aware of such scams and have them stay safe and vigilant.
While we are social distancing we must be sure to hacker distance as well!
Please consult a top-rated IT services or cybersecurity firm such as Apex Technology Services to learn how to better protect your systems. Users need training, systems need checking and the time to do this is now – before the hackers find the weaknesses and exploit them.