7 min read

Coronavirus Phishing Scams Exploit Misinformation

Liviu ARSENE

March 17, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Coronavirus Phishing Scams Exploit Misinformation

A series of phishing scams have exploited the ongoing Coronavirus (COVID-19) pandemic to either spread malware, trick victims into giving away sensitive information, or raise funds that they falsely claim will help find a vaccine.

While working from home might seem like a respite from office life, staying indoors means we”ll all be spending more time online reading news, shopping, and going through emails. Whether it”s through our company laptop or personal device, more time spent online means more exposure to fraud, phishing, and malware. They all attempt to exploit our curiosity and basic necessities, such as the need to buy medical or personal hygiene equipment or other goods.

Preying on the common desire to learn more about the signs and dangers, or even how to survive potential exposure to COVID0-19, cybercriminals have started sending phishing emails that promise exclusive information in the form of attachments and links to protection gear at highly discounted prices. Many even ask for Bitcoin donations that they say will support research for a Coronavirus vaccine.

Coronavirus Phishing Scams Exploit Misinformation

Note: The above is not a video, but an image that’s used by scammers to trick users into clicking and visiting fraudulent URLs.

Most online scams occur through spam emails that entice with amazing discounts for medical supplies that have long since flown off the shelves of pharmacies and stores.

Did you say, WHO?

No, it”s not the infamous Doctor Who from the popular TV series, but someone claiming to be a doctor working for the World Health Organization (WHO). It”s one of the most popular email scams and it claims to have new and exclusive information on how to prevent and protect against Coronavirus infection. All you have to do is open the attached document to read more.

Preying on our concerns, fraudsters are impersonating institutions affiliated with or linked to the Centers for Disease Control and Prevention (CDC) and the World Health Organisation (WHO). Their tactic includes deploying malicious links or attachments claiming to give you a list of infected people in your area.

As seen in the image below, the attached document seems to be a .rar archive, according to the extension. However, the actual file has a .pdf or .exe extension. Once you try to open it, you will only execute the malware.

To view the actual file extension of files, tick the “File name extension” checkbox under the View menu in your File Explorer window. This can help you spot files that are misleadingly named to seem benign.

Namedropping Global Organizations

Another series of messages that allegedly offer new updates in the Coronavirus outbreak use logos from the World Health Organization to appear legitimate. They entice readers with grants and donations sponsored by the “World Bank Group, United Nations Organisations, World Health Organisation, Asian Development Bank, World Trade Organization, International Monetary Fund, European Central Bank, Organisation for Economic Co-operation and Development, International Finance Corporation and many more.”

As the image below points out, the message also encourages you to open the “HEALTHCARE.PDF” file attached. Like in the previous example, the actual file is nothing if not malicious.

Needless to say, just because an email uses the logos and starts namedropping known organizations and financial institutions doesn”t mean it”s legitimate. Pay attention to the file extension for attachments above all else.

An Email Thread With…NATO

Another phishing scam in circulation claims to come from the United Nations and instructs recipients to read the instructions in the attachment (in this case, a Microsoft Excel document) on how to prevent the spread of Coronavirus.

What the email lacks in detail it makes up in seriousness, as it appears to be signed by someone working at the “Directorate of Diplomatic and Consular Personnel.” It also seems to be forwarded, and has the overall tone of an internal business message you”d receive in the regular course of work.

Of course, opening the attached document will bring you a world of trouble, as the document is tainted with malware intended to infiltrate your computer and enable attackers to compromise your personal and financial data.

The Old “Donate to Fight Coronavirus” Scam

It”s not unusual for fraudulent charities and donation websites and emails to appear after a natural disaster or a worldwide health emergency. In this scenario, the fraudsters will craft charity emails and ask for donations for Coronavirus victims, medical staff or even COVID-19 studies.

Another scam involves posing as an “Ophthalmologist” in an attempt to lure victims into donating in order to treat “families and children in China” with the Coronavirus vaccine. Of course, all donations need to be made in Bitcoin, and a Bitcoin wallet is made available.

To help sell the idea of a Coronavirus vaccine, the email also contains two images: one with alleged doctors wearing protection gear and doing some “sciencey” stuff, and the other with a vaccine bottle labeled “Coronavirus Vaccine.”

The next time you have the urge to lend a hand to any relief or health organizations, make sure that the website, email address, or the cause itself is real, or try ringing an emergency hotline for additional information.

An offshoot of the donation scam is the funds transfer scam, which basically asks you to help a victim of the Coronavirus wire transfer funds to a foundation that helps the suffering. Of course, while you”re not instructed to click any link or open any attachment, you”re given an email address to contact the “benefactor” to learn how to receive and transfer the funds.

This is the type of scam where, if you answer, you”ll get suckered into performing wire fraud with the promise that you”ll receive some sort of commission.

And if you happen not to fall for this one, there”s another scam that encourages you to get back to the scammer, except this time it claims that you can purchase “as many [experimented pure confirmed “coronavirus vaccine”] for people badly in need.” Simply contact the good doctor Zaks (ahem) and he”ll fix you up with the latest, newest, and guaranteed-to-work Coronavirus vaccine.

The (hyper)link Trick

Some Coronavirus-related email scams might even go the extra mile and give you information that you already know, such as official numbers of victims infected or even details about existing health problems that could complicate a potential COVID-19 infection.

However, that information is twisted with a bit of paranoia. Either implying that the government knows more about the outbreak than they let on, or that in you will “die in agony from pneumonia” in case of infection, these messages try at some point to get you to click on something. And it can be the most benign something, such as an apparent YouTube video that promises more information.

Of course, what”s embedded is not a YouTube video but an image. Even more interesting is that, while it looks like a YouTube preview thumbnail, it”s just an image that, once clicked, points you to a phishing, fraudulent, or malicious website, depending on what the cybercriminal has planned next.

As a general rule, don”t click on images, text or links, even if they seem to point to a legitimate source. You can use the pointer to hover over the text to see the real link that it points too (check the image above) or simply manually type the address in the browser.

In fact, messages from legitimate organizations and companies rarely ask you to click on an embedded link. Instead, they ask you to check out their official webpage for more information and details (even if it really is all about conspiracy theories and government plots).

Check out the gallery bellow for more scams that might show up in your inbox:

How to Protect Yourself?

If you”ve read all of the above, you”re probably more skilled at spotting phishing and scams than before. That”s because it”s all about paying attention to details and knowing what”s real and what”s not. Looking for typos, for amazing discounts, for misspelled email addresses and domains, and even suspicious links and hyperlinks can prevent you from becoming a victim.

  • Just because the contents of an email has legitimate logos doesn”t mean the email address is legitimate;
  • Just because an attachment looks like a PDF or document, doesn”t mean that it actually is;
  • Even if the email only asks you to reply to the message, why should you? If you don”t know the person, if the offer is too good to be true, and if the reward far outweighs your effort, it”s definitely a scam;
  • Stay informed and check any information across multiple official and legitimate sources;

Here at Bitdefender we focus on keeping your devices protected from malicious activity and threats of all kinds. Now more than ever, you need autonomy and safety as you reach the world via your internet-enabled devices. That”s why we have extended the trial for our best security suite, ensuring that you can take care of your family”s devices for up to 90 days. If you”re already set up, why not make an unexpected gift to your loved ones who might not be aware of emerging cyber threats?

tags


Author



Right now

Top posts

How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts
Silviu STAHIE

December 02, 2022

1 min read
Some Phone Manufacturers Didn't Implement Vital Security Patch for ARM Mali GPU, Google Researchers Find Some Phone Manufacturers Didn't Implement Vital Security Patch for ARM Mali GPU, Google Researchers Find
Silviu STAHIE

November 29, 2022

1 min read
Apple Users Report Seeing Other People's Photos When Using iCloud for Windows Apple Users Report Seeing Other People's Photos When Using iCloud for Windows
Silviu STAHIE

November 25, 2022

1 min read