The global pandemic of COVID-19 is not only a grave health issue but it also presents new opportunities for cyber criminals. With cyber threats constantly evolving to take advantage of online behaviour and to map consumer trends, consumers are as vulnerable as ever.
During lockdown, many people are spending far more time online than usual with Vodacom seeing a 40% jump in data usage as consumers perform day to day tasks such as online shopping, internet banking, streaming content online and spending more time on social media. And while this is happening, cyber criminals have quickly seized the opportunities to exploit the crisis by adapting their modes of operation and developing new cyber-related attacks and online criminal activities.
“In view of the global pandemic, cyber-attacks are on the rise as we continue to shift to remote working. Cyber criminals are well aware that people are spending more time online and have been targeting them with innovative scams suited to the current environment,” says Jacob Kutumela, Head of Forensic Services at Vodacom.
Whilst most people are already aware of the dangers faced online, many of us would not think twice about certain actions that we perform online, which may lead to malicious malware, ransomware, identity theft and/or fraud. For cyber criminals it is therefore the perfect time to prey on anxious and less tech-savvy consumers desperately looking for the latest COVID-19 news and information.
There are several scams that you should be aware of right now, including:
One of the most common, and most effective, cyberattacks remains phishing scams. These are emails designed to look like a professional email from a reputable source, but intended to deceive you into disclosing personal or confidential information and/or allow access to your accounts. Phishing scams can take many forms, including emails designed to look like they are from official sources, government authorities, or financial institutions etc.
These websites are set up with the purpose of infecting your device with malware - malicious software that comes in an array of forms including but not limited to computer viruses, worms, trojans spyware, adware and various other types of harmful software. Since January there have been thousands of websites registered to contain the word ʻcoronaʼ and many of those are suspicious and intended to distribute malware. Watch out for sites such as Coronavirus(.)com or Corona -virus-Map(.)com.
A popular way in which cyber criminals can defraud you of your money is through electronic (emails and website) requests that ask for charitable donations. While fake charity approaches occur all year round, there is a significant increase in these during the times of real disasters or emergencies, such as the current Covid-19 pandemic. Cyber criminals may pose as agents of legitimate well-known charities or create their own charities and request donations for medical research or to support victims and their families.
Spam emails are commonly referred to as junk emails and is unsolicited messages sent in bulk by email. These are dangerous because they may contain links that lead to phishing web sites or sites that are hosting malware. Often they try to grab your curiosity by using conspiracy-themed catchphrases, such as “censored”, to try and sell information (paid-for videos) or goods that are now in high demand, such as masks, hand sanitizers or vitamins.
Fake internal HR or IT communication
This can include coronavirus surveys impersonating your HR or IT department with the objective being to steal your username and password. Typically, to access the document or survey, the recipient has to provide their Office 365 credentials on a fake site – thus compromising their login details/Office 365 account.
There are a multitude of other scams which are being spread through various channels using COVID-19 as a pretence to try and defraud or trick innocent people. These include calls from scammers asking you to change your banking details for debit orders, SMSs asking for you to make a donation, or social media hoaxes around free offerings and other malicious links being shared via WhatsApp. It is important to block these callers, do not click on any links and do not share potential hoaxes.
How to protect yourself against scams like these
“We encourage all users to be particularly vigilant at this time. Suspicious emails, unfamiliar webpages, and spontaneous messages about coronavirus should always be viewed sceptically. Never give away sensitive information, such as passwords or credit card information,” concludes Kutumela.