Coronavirus scams: what to look for and how to stop them

Hackers are busy exploiting coronavirus in their attacks. In recent weeks SophosLabs has seen a surge of COVID- and Corona-related domains registered – while some will be legitimate, it’s a fair bet that the majority are destined for criminal purposes.

Common attack techniques

Phishing attacks using COVID-19 as a lure are the most visible and immediate cybersecurity risk right now. Common tactics include:

Coronavirus news

Beware of emails, SMS, and WhatsApp messages from unknown sources with information on coronavirus. Often hackers impersonate legitimate organizations and people to make their messages more believable.

Home delivery scams

With many people waiting on home delivery of essential items, hackers are impersonating delivery services. Their goal: to trick you into clicking malicious links or con you into paying extra ‘delivery’ fees.

We’re also seeing coronavirus used in other ways, including:

Extortion attempts

Criminals threaten to infect people with coronavirus unless you pay them. Often these threats include a small piece of personal information to make it more believable.

Malicious apps

Purporting to give you useful information on coronavirus, these apps enable the crooks to access all the information on the device – and even hold you to ransom.

Malicious documents

These documents claim to contain coronavirus-related information. Upon opening them you’re asked to ‘enable editing’ and ‘enable content.’ Doing so installs malicious software onto your computer.

Practical steps to minimize risk

In the current situation, many people are lowering their guard to phishing attacks and scams. We’re more anxious, more eager for information, and therefore less likely to question something that could be suspect.

With that in mind, here are three practical steps you can take to minimize the risk from coronavirus-related attacks.

Enable Multi-Factor Authentication (MFA)

MFA is a great form of defense against attacks that use a fake login page to trick people into entering their credentials.

Raise awareness of these scams amongst your employees

A simple, but effective, step is to always looks at the actual email address used to send the email, not just the display name. (If you’re on a mobile device click on the display name to reveal the real email address.)

Sophos Phish Threat, our phishing simulation and training tool, is available to everyone for free for 30 days, and now includes a coronavirus phishing template to help train your teams.

Make sure your endpoint and email protection are well-configured

When properly set-up, good protection can catch a phishing attack in multiple ways. You can try our endpoint and email protection for free at any time.

For a more extensive exploration of the cybersecurity concerns due to coronavirus and recommended mitigations, read Protecting your company during COVID-19: guidance for CIOs and CISOs by Ross McKerchar, Sophos Chief Information Security Officer.

Latest Posts