The COVID-19 pandemic, as we know, has affected countless individuals and businesses worldwide, both in real life and the digital world. Coronavirus related domains are being created at a rapid rate. We will dive into how cybercriminals are reacting to the COVID-19 pandemic, both in the dark web and the clear web.
The COVID-19 pandemic, as with any event of this scale, has created massive challenges businesses and individuals in, what is now reported to be, every country on earth! There are always those who, in a time of crisis, grab the opportunity to make a profit. In the case of the Coronavirus, medical device manufacturers, video chat services and supermarket chains are all profiting from the increase in demand for their goods and services.
But along with the good always comes the bad – and cybercriminals are already exploiting and profiting from this world-wide pandemic. It is an opportune time for them to make a considerable profit by praying on people’s fears, needs and sometimes wants.
Over the past few weeks, we have monitored a considerable amount of scam attempts involving Coronavirus where cybercriminals are plotting and sharing their ideas on the dark web.
For example, we detected the following activity:
- Coronavirus phishing lures in a phishing email/SMS message
- Participants were offered ideas such as an alert from the government regarding infections in a local area, which included an attachment detailing risky places not to visit.
- A cybercriminal offering their services to assist with setting up a Coronavirus scam page:
- Another site selling medications that beat and cure the Coronavirus:
- A cybercriminal offering an antidote for the COVID-19 virus:
- Another cybercriminal offering a detector device for the virus:
These dark web conversations are consistent with the sites we have been monitoring, as well as those that have been reported on news broadcasts relating to Coronavirus scams.
Cybercriminals have been hard at work, creating numerous phishing websites, selling fraudulent medical equipment, impersonating health organizations, such as the World Health Organisation, and the Centre for Disease Control as well as other government agencies. They’ve been hacking into legitimate Coronavirus related apps to install malware on them, spreading misinformation of different sorts to increase the chaos people are experiencing, and even creating a fake, malicious version of the Johns Hopkins University dashboard that is widely popular amongst people who want to stay up-to-date with the COVID-19 virus spread.
So, what do you do if you or your organization are a victim of a scam?
- Publish Warnings:
- The response to this from many countries has been to publish warnings regarding scams. Some countries have even set up dedicated hotlines to report activity.
- ONLY rely on authentic sources:
- The best way to defend against Coronavirus scams is to make sure you only rely on authenticated sources of information, like known news agencies and TV channels, along with official organizations.
- Information shared on social media platforms, forums and instant messaging apps is not always credible, and should not be regarded as reliable.
FraudWatch International is actively targeting all COVID-19 Online Scams to protect all Internet users from cybercriminals during this period. If you have been a victim, heard of an ongoing scam or have any other relevant information regarding scams or fake news, please report the details to Covid19@fraudwatchinternational.com.