Cyber threats have always adjusted quickly to seasons and popular topics: too-good-to-be-true deals for Christmas shopping, fake emails from Target or Wells Fargo when their names were in the news, and now new threats piggybacking on the popular search terms of “COVID-19” and “coronavirus.”
Did you know that a popular scamming scheme is to register website domain names that sound close to real sites, or that sound like helpful news, shopping, or tip sites related to a popular topic? Scammers and cybercriminals are using coronavirus traffic to target internet users around the world.
“In the past three weeks alone (since the end of February 2020), we have noticed a huge increase in the number of domains registered — the average number of new domains is almost 10 times more than the average number found in previous weeks,” the researchers said. “0.8 percent of these domains were found to be malicious (93 websites), and another 19 percent were found to be suspicious (more than 2,200 websites).”
-Check Point Research
https://blog.checkpoint.com/2020/03/05/update-coronavirus-themed-domains-50-more-likely-to-be-malicious-than-other-domains/
How can users stay safe from constantly evolving threats, and differentiate between good and bad sources?
Directly Visit Dependable Sites
If you count on one source for up-to-date COVID-19 confirmed cases and outbreak maps, bookmark that site in your browser. You can always delete the bookmark when the pandemic is over. You could also just start typing the name of the site in your address bar, and your browser history will help you find the correct site.
If you search for the site, you may end up seeing copycat sites in the search results – these are sites that purchase a similar-looking or similar-sounding domain and use similar graphics to make you think you are on a legit site. Stay vigilant in your clicks!
Hover Before You Click
If you are looking for a link in search results, looking at the related news links at the bottom of a webpage, or considering a click on an email link, hover first! Look at the screenshot below for a sample spammy email. Hovering over the “Coronavirus Pandemic” link shows that it goes to a hidden file, not a real website.
You should also check the sender information to evaluate whether the email appears to come from a known source, whether you would typically receive this type of email from the alleged sender, and whether the sender name and address match.
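For mail administrators, the hover check and the sender check above can be run automatically over a saved message. The Python below is an added example, not part of the original article; the sample message, its domains, and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse
# Constructed sample message; every name and domain in it is made up.
SAMPLE = '''From: "health-agency.example Alerts" <news@bulk-mailer.example>
Content-Type: text/html

<p>New map: <a href="http://files.example/.cache/map.exe">Coronavirus Pandemic</a></p>
<p>Source: <a href="http://tracker.example/login">www.health-agency.example</a></p>
<p>About: <a href="https://www.health-agency.example/faq">www.health-agency.example</a></p>
'''
DOMAIN = r"((?:[a-z0-9-]+\.)+[a-z]{2,})"

class LinkCollector(HTMLParser):  # gathers (href, visible text): what a hover reveals
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_link(href, text):
    url, findings = urlparse(href), []
    if any(seg.startswith(".") for seg in url.path.split("/")):
        findings.append("hidden file or folder in path")  # dot-prefixed segment
    shown = re.match(r"(?:https?://)?" + DOMAIN, text, re.I)
    if shown and shown.group(1).lower() != (url.hostname or "").lower():
        findings.append("link text names a different site")
    return findings

def sender_mismatch(from_header):
    # True when the display name advertises a domain the real address does not use.
    name, addr = parseaddr(from_header)
    shown = re.search(DOMAIN, name, re.I)
    return bool(shown) and shown.group(1).lower() != addr.rpartition("@")[2].lower()

def analyze(raw):
    msg, parser = message_from_string(raw), LinkCollector()
    parser.feed(msg.get_payload())
    return sender_mismatch(msg["From"] or ""), [(t, check_link(h, t)) for h, t in parser.links]
```

The domain comparison is exact, so a sender or link on a subdomain of the displayed site is also reported and needs a manual look.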
Protect Your Remote Connection
As the number of remote workers increased, so did fake offers of work-from-home tools, shady file-share sites and more. Make sure you have anti-virus software on the computer you are using at home and make sure you are using a secure connection to access your office server or computer and share files with other teammates.
Screen Your Phone Calls
Several teammates in our office have received coronavirus-related phone calls. Some tell us that our test kits are ready and that we just need to provide our social security number to claim them, and others ask for banking details to deposit our government subsidy funds. It’s not enough to screen your own calls – remind children, seniors, and other not-so-savvy phone users also!