Since the biological virus causes panic in the world, bad actors thought to take advantage of this fear and launch specific phishing campaigns to steal sensitive information and spread the other type of viruses.
Security company Check Point noticed that since the beginning of 2020 over 4.000 domains were registered that have “corona” or “covid” in their name, with 3 percent of these domains already classified as malicious and another 8 percent labeled as suspicious. These domains will be used in phishing attacks, where you’ll receive emails from source that will appear to be known and trustworthy but that will trick you into giving out sensitive information or will download malware or will send you to a link where both could happen and others, like credentials stealing.
It’s a known practice that scammers will take advantage of emergencies, those moments when people are scared, desperate and vulnerable to push their scams. The coronavirus epidemic is no different and malicious actors from all over the world are finding ways to mask their attacks behind coronavirus warnings and recommendations.
The World Health Organization itself has warned a few days ago that they’ve discovered such phishing campaigns where scammers were claiming to be WHO members. Within Europe, Italy is the biggest target for these campaigns, scammers claiming to be members of the Italy branch of WHO spreading malware in emails that were supposed to be precautions about the coronavirus.
In order to protect yourself, it is very important to pay close attention to the sources from which the emails come. And even if the source addresses appear to be correct, keep in mind that the correct addresses can also be forged or come from someone who has already been compromised, so be very careful about what you are asked for in that email as well. Any email that asks for a any password or sensitive information is most likely a phishing attempt, these things are not requested via email.
Extra care should also be taken when opening any attachment, especially one that comes from an unknown sender. And be careful of any links, check before clicking to which site they want to send you (when you hover your mouse over a link, it should say at the bottom of the page on what site it will actually send you), if you don’t recognize the site it’s better if you don’t open it.
And if the link promises a cure for coronavirus, think twice if it is real, as there is currently no cure and if there were, it would not be sent by random emails.