Cyber Criminals Capitalize on Coronavirus Fears to Scam and Attack Consumers

As the Coronavirus, also known as COVID-19, continues to infect populations around the globe, cybercriminals are capitalizing on the fear and misinformation regarding the disease to sell fake products and distribute phishing emails, texts, and social media posts that attack consumers and individuals.

The phishing emails and social media posts are promoting awareness, prevention tips, and fake information about Coronavirus cases with some scams asking individuals to donate to victims or offering advice on unproven treatments to sell bogus products.

One phishing email campaign masquerades as legitimate Coronavirus information from the World Health Organization (WHO). The fake email however is distributing malware that installs the FormBook information-stealing Trojan. Once executed, the malware will download an encrypted file from https://drive.google.com, decrypt it, and then inject the malware into the legitimate Windows wininit.exe process to evade detection, according to Bleeping Computer.

Online criminals are also setting up fake coronavirus-related websites offering natural and pharmaceutical “cures,” vaccines, testing kits, and face masks or other items in short supply at very low prices. The fake websites steal credit card information and put individual’s health at risk with fake and low-quality medical products.

Major ecommerce platforms including such as Amazon and Ebay with third-party sellers have also been unknowingly marketing products that may be damaged, used, expired or unsafe products, yet in high demand due to the coronavirus.

Amazon has removed more than one million products listed by sellers making false claims related to the Coronavirus, says Dharmesh Mehta, Amazon’s vice president of worldwide customer trust. Mehta’s disclosure came in response to questioning during a hearing on fake and unsafe products held by the Congressional Subcommittee on Consumer Protection & Commerce, according to Forbes.¹

Online sellers should also be aware of scams that could target them through payment apps such as Venmo and Zelle, says Jason Glassberg a co-founder of cybersecurity firm Casaba Security.² A common scam is the “canceled payment scam,” where an online criminal purchases a product, pays for it through a payment app, and then cancels the payment before it’s actually processed a few days later after the online seller has already shipped the product.

The US Cybersecurity and Infrastructure Security Agency (CISA) is advising individuals to be vigilant and aware of online scams and cyber-attacks related to the Coronavirus outbreak.

“Cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19,” states the agency.³

The agency is encouraging individuals to take the following online precautions including:

• Avoid clicking on links in unsolicited emails and be wary of email attachments. See Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Scams for more information.
• Use trusted sources—such as legitimate, government websites—for up-to-date, fact-based information about COVID-19.
• Do not reveal personal or financial information in email, and do not respond to email solicitations for this information.
• Verify a charity’s authenticity before making donations. Review the Federal Trade Commission’s page on Charity Scams for more information.
• Review CISA Insights on Risk Management for COVID-19 for more information.