What To Look For
Cyber actors, which are states, groups, or individuals who, with malicious intent, aim to take advantage of vulnerabilities and fear, may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes.
Why They Are Doing This
Two ingredients of a good scam are fear and confusion, and we have both of those, so it’s a playground for people who want to take advantage of others. Malicious actors will use this combination in order to extort anything from their victims including, but not limited to, money and Personally Identifiable Information for Identity Theft.
How to Identify It
Exercise caution in handling any email with a COVID-19 related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19. And, as one would with any other suspicious looking email, be sure to double check on who sent you the email in order to see if the sender is legitimate or not.
The actors behind the Netwalker/Mailto ransomware have recently launched a phishing campaign with coronavirus-themed content as part of a ruse to lure in and infect victims, according to a new report in BleepingComputer, citing the MalwareHunterTeam.
“Reportedly, the malicious encryption campaign leverages the attachment “CORONAVIRUS_COVID-19.vbs,” which contains an embedded executable, along with obfuscated for extraction and launch. Victims receive a TXT file ransom note that includes instructions for paying on a Tor site.”
The Toll Group and the Champaign Urbana Public Health District (CHUPD) in Illinois are two recent, prominent victims of Netwalker. In its first enforcement action against COVID-19 fraud, the Justice Department announced Sunday that it filed a civil complaint against the operators of the website “coronavirusmedicalkit.com” for “engaging in a wire fraud scheme seeking to profit from the confusion and widespread fear surrounding COVID19.” The site claimed to offer consumers access to the World Health Organization’s vaccine kits in exchange for a shipping charge of $4.95 paid by credit card. A federal judge issued a temporary restraining order against the registrar of the website to block access to it.
We all need to be able to keep an eye out for these potential scams in order to prevent the loss of data and/or money. A company is only as security aware as its weakest link, but ensuring employees knowing what to look for in terms of phishing emails with a COVID-19 related subject line, attachment, or hyperlink, as well as, social media pleas, texts, or calls related to COVID-19 during the time of the virus can help strengthen your security and prevent an attack.
As previously mentioned, be sure to double check on who sent you the email in order to see if the sender is legitimate or not. If you need assistance in setting up additional security, or have experienced an attack, contact us today for immediate consultation.