How do the scams work?
Victims receive Coronavirus-themed emails in which the actors request the victim to open an attachment or click on a link provided via the email in order to obtain details about the Coronavirus. Once a victim clicks on the attachment or link, they are directed to a malicious website controlled by the actors or given a false login pop-up, requesting the victim to enter his/her login credentials.
Malicious actors can use the login credentials to access the victim’s accounts or to conduct further cyber attacks. In other campaigns, victims received emails that also appeared to originate from the U.S. Centers for Disease Control (CDC), CDC; however, malicious actors requested a donation via Bitcoin to fund a false “incident management system,” in relation to the Coronavirus (2).
Scammers have been targeting people with phishing texts Credit: KnowBe4 (3).
Handy tips to prevent becoming a victim of Coronavirus-themed online scams:
Stay on the lookout for phishing emails and other scams related to Coronavirus. Some handy tips:
• Go directly to a trustworthy website for updates rather than clicking on email attachments, links, or pop-ups
• Double check a website address prior to typing it in as scammers typically slightly alter URLs so they closely resemble a legitimate URL
• Do not enter sensitive data such as username and password into websites that do not typically ask for it
• Use multi-factor authentication whenever possible
• Use complex passwords and use different passwords for different services
• Keep systems updated and running antivirus software