• ProgIST CyberSec Division

Coronavirus pandemic generates new scams targeting computers & mobile phones



Scammers are taking advantage of fears surrounding the Coronavirus. Learn how to identify these new online and text attacks.


In tandem with the worldwide chaos caused by COVID-19, the virus is now wreaking havoc in the virtual world too, with scammers using it as a bait for cyber-crimes. E-mails — purportedly from renowned health organisations like the WHO, UN and ICMR (Indian Council of Medical Research), or even from corporate— along with websites, messages and apps are being used to steal crucial information.


This is done with lures of various offers of discounts and freebies on products, or listing of safety measures against the virus, and updated information on COVID-19. Mails are also being used to sell fake medical products like masks, vaccines and COVID-19 testing kits, or push work from home job offers. Meanwhile, the social media scammers are attracting users to fundraising initiatives for victims of COVID-19 or are inviting investments in companies that are helping fight the virus.



Some COVID-19 related threats specifically target your mobile phone too.!


Malicious text messages are circulating, many of which are promising to track the spread of coronavirus in real time, so you can be alerted when it’s growing in your community. But the Android app you’re linked to, if downloaded, can listen to you through your microphone, watch you through your smartphone camera and comb through your messages. This new threat is a customized version of freely available spyware called SpyMax.



Several home-based people are also receiving an attractive offer: Free Netflix subscription for the entire lock down period. All they had to do was click and fill the attached ‘survey’ and forward it to 10 WhatsApp users. Those who took up the offer are probably regretting it. It is a scam. A phishing e-mail capable of stealing their personal information.



For theft of information, the modus operandi is simple. Either a malware is dropped on to the device via links and attachments in the mails or ransomware is circulated as part of a mobile app. The malware can access your mail or banking login and passwords and credit card related information. It can even track your typing strokes and access crucial data. When the computer or mobile device becomes infected by malware, users can lose confidential information or money since malware gives attackers access to both.


What’s essentially spawning these scams is the fear, curiosity & resulting rise in online search about COVID-19. While over 16,000 new Coronavirus related domains have been registered since the beginning of the year, the number is growing rapidly, with more than 6,000 new domains registered recently, an 85% rise from its previous week. Of these domains, 0.8% or 93 websites were found to be malicious, while another 19% or more than 2,200 websites, were found to be suspicious.


COVID-19 relief fund scams in India


The scammers in India are using Prime Minister’s Citizen Assistance and Relief in Emergency Situations Fund (PM Cares Fund) as a mean to fool people & steal their money. Recently, Maharashtra Cyber Police officials claimed that fraudsters are using fake links to dupe people in the name coronavirus donations to the PM Cares Fund. The scams began soon after the PM Cares Fund was announced by the Indian government. So far, Maharashtra Cyber Police has registered 78 cases during the 21-day lock down for online misinformation on the coronavirus outbreak.


Another fake id with pmcare@sbi is also circulating on the internet. This ID could leave users confused about the correct id given the only difference between the fake and the original one is a ‘s’. Country's largest lender State Bank of India (SBI) has cautioned people of fake Unified Payments Interface (UPI) ID being circulated on the pretext of Prime Minister’s Citizen Assistance and Relief in Emergency Situations (PM Cares) Fund.



The government has warned donors against fake UPI IDs doing the rounds on the various social media platforms.



How to identify fake e-mails & messages


Here are the telltale signs of fraud mails that can introduce malware in your system:


  • Phishing e-mail is likely to be from a recognized global or national health care body like WHO, ICMR or a similar UN or government body.

  • It could also be from the Human Resources Department of your own company or workplace.

  • It may have a similar domain name, identical format and company logo.

  • It will contain an attachment or a link, asking you to click on these.

  • It could purport to have medical information, warning or precautions, with the wording conveying urgency to open or click.

  • It could offer COVID-19 test kits, masks, medicines and safety gear for sale and attractive prices.

  • It could have the latest research data and figures on Covid-19, and authentic medical information.


Tips to counteract coronavirus cons


You don’t need a degree in computer science to reduce the odds of falling victim to a cyber attack or phishing scam tied to coronavirus, or otherwise. Here are some suggestions to escalate your security intelligence:


  • Think before you click: Never open an attachment or click on a link from senders you don’t recognize. Even if you think you know the sender, if it seems odd, they’d send you information like this, contact them (in another way) to confirm it’s the real deal.

  • Verify the source: If you get an email, text or phone call that asks you to urgently confirm your personal or financial information, it’s fake. Your bank will never ask for sensitive information in this way. When in doubt, call the organization to ask if it was them. Forward all suspicious emails directly to your local and federal government.


Tips to check for fake links


  • As also pointed by the officials, the original UPI id to donate to PM CARES Fund fir coronavirus outbreak is pmcares@sbi.

  • Ensure to recheck the official UPI id again and again before donating money. Also check the registered name of the account, which should be PM CARES. Ignore or block accounts with PM CARE, P.M. CARES, or PMCARES.

  • Oftentimes the fake id has some or the other error. Make sure to check the spelling of the id before donating money.

  • Ignore all payment requests. If you receive payment requests from unknown numbers on your UPI app like Google Pay or PhonePe it is best to ignore them and block right away.


Sources:


  • LinkedIn
  • Twitter
  • Facebook

© 2020 by Progist.