COVID-19 Incites Crimes of Opportunity

March 24, 2020, Mike Weber, Vice President, Coalfire Labs

Cybercriminals don't care that you're worried about a global pandemic. They are opportunistic, and we should expect them to take advantage of COVID-19 in a variety of creative ways. With our economy essentially shut down and one in five Americans ordered to stay home, millions of people are less mobile and will ultimately spend more time than ever on the internet. The good news is that people may be less vulnerable to the cyber threats that abound due to this reduced mobile, but there are plenty of ways to target people, and the latest crisis provides ample fodder to start with.

Cybercriminals have already figured out that most of us are glued to the breaking news and real-time social media coverage about the pandemic, thus are more susceptible to opening updates from what appear to be trusted sources. Panicked people are looking for maps that show the spread of the disease and other statistics. For example, a recent Android app turned out to be ransomware that changed the user's password, blocked access, and charged a fee to restore the password to unlock the device.

Another example includes spyware designed using actual data from the John Hopkins University's Coronavirus tracking map, which turned out to be a malicious application that claimed not to require special privileges, but once installed, requested access to everything from files and location to the device's camera and microphone. This, of course, had nothing to do with the university directly but was just a malicious attack using their name—the Johns Hopkins Coronavirus Resource Center on the university's website continues to be safe to navigate.

Phishing scams may be something people are becoming increasingly aware of, but even trained eyes can fall victim to an email with an apparent COVID-19 update from a company they know. I recently received an email with a malicious attachment, claiming to be a statement about COVID-19 from a major healthcare provider that I know well. Clearly, the information was tempting, but a more in-depth look led me to discover it was from a nefarious source.

Another attack that criminals may use is to try to capitalize on the financial difficulties we are currently experiencing. With a plummeting stock market and vulnerable financial institutions, people are more susceptible to opening malicious attachments if they come from a bank or credit card company where they have an account.

We've seen phishing attacks from numerous financial institutions have success in the past. These emails often say there has been a change to your account, trying to lure you into following a link to a website or into opening an attachment. As it stands now, I would personally be likely to open an email attachment that comes to me from my bank with news about an account change or move. Think twice and double-check the source to be safe!

Many Americans have gone from five days a week in the office to working full-time from home. They likely don't have much interaction with their IT departments unless they get locked out of a device or have a software problem. Cybercriminals know this and will use this vector to claim to be from the IT department of your company, requiring you to download an upgraded VPN client or critical update to your software (or other similarly dubious but purportedly mandatory task). Be wary of all emails and check the sender's address, even if they appear to come from someone inside your organization.

We are also less guarded about helping others. Scams that play on our generous side are common in challenging times, and we've seen bogus charitable donation requests in previous natural disasters. It's always wise to be very suspicious of invitations for donations in general, but if it is not coming from a source that you have previously done business with and recognize, it's especially wise to avoid any unrequested solicitations.

Ultimately, the scams that we are seeing during the COVID-19 pandemic are not new. Criminals are not getting smarter,1 but they are more inventive when the times allow. They leverage the immediacy and the emotions of unique situations and find ever more imaginative ways to separate you from your money or data. In addition to practicing good personal hygiene, you can protect yourself from these scams by being more cautious than usual about your cyber hygiene. The United States Secret Service has released some excellent advice on how to protect yourself from cybercriminals exploiting COVID-19 fears. Please let me know if you come across new examples, and if these tips are working for you.

 

Just a day or so ago, I received this proof that criminals aren’t getting smarter. 

Mike Weber

Author

Mike Weber — Vice President, Coalfire Labs

Recent Posts

Post Topics

Archives

Tags

2.0 3.0 access Accounting Agency AICPA Assessment assessments ASV audit AWS AWS Certified Cloud Practitioner AWS Certs AWS Summit bitcoin Black Hat Black Hat 2017 blockchain Blueborne Breach BSides BSidesLV Burp BYOD California Consumer Privacy Act careers CCPA Chertoff cloud CoalfireOne Compliance Covid-19 credit cards C-Store Cyber cyber attacks Cyber Engineering cyber incident Cyber Risk cyber threats cyberchrime cyberinsurance cybersecurity danger Dangers Data DDoS DevOps DFARS DFARS 7012 diacap diarmf Digital Forensics DoD DRG DSS e-banking Ed Education encryption engineering ePHI Equifax Europe EU-US Privacy Shield federal FedRAMP financial services FISMA Foglight forensics Gartner Report GDPR Google Cloud NEXT '18 government GRC hack hacker hacking Halloween Health Healthcare heartbleed Higher Higher Education HIMSS HIPAA HITECH HITRUST HITRUST CSF Horror Incident Response interview IoT ISO IT JAB JSON keylogging Kubernetes Vulnerability labs LAN law firms leadership legal legislation merchant mobile NESA News NH-ISAC NIST NIST 800-171 NIST SP 800-171 NotPetya NRF NYCCR O365 OCR of P2PE PA DSS PA-DSS password passwords Payments PCI PCI DSS penetration Penetration Testing pentesting Petya/NotPetya PHI Phishing Phising policy POODLE PowerShell Presidential Executive Order Privacy program Ransomware Retail Risk RSA RSA 2019 Safe Harbor Scanning Scans scary security security. SOC SOC 2 social social engineering Spectre Splunk Spooky Spraying Attack SSAE State Stories Story test Testing theft Virtualization Visa vulnerability Vulnerability management web Wifi wireless women XSS
Top