As the COVID-19 pandemic continues to dominate the news cycle, cybercriminals are unfortunately taking advantage and making their move - capitalizing on fear, stress and people’s desire for answers - to gain access to personal information. From email phishing scams to hacking attempts to the increased likelihood of data breaches, we are seeing people of all ages become online victims. Here are some of the areas where people should be most cautious:
Cloned News Platforms: Hackers are tapping into the latest technologies to create cloned news websites, aka copies that mimic the real thing. Malware is integrated into these cloned sites, hidden within video and audio links of false stories containing “critical information” about COVID-19. For instance, it was recently reported that scammers copied the Johns Hopkins University online map that tracks the virus’ spread in real-time and people who clicked, inadvertently downloaded malware. [1] To protect themselves, consumers should install antivirus programs to monitor devices, hover their cursor over links to ensure they lead to legitimate websites and always think twice before installing programs from random links that are shared online.
Social Media: As much of society adjusts to working remotely and practices social distancing, social media consumption is on the rise. But consumers need to be careful, even with their friends’ posts, as a tweet or Facebook post can contain malicious links seeking to install spyware on personal and corporate devices aiming to steal confidential information. This misinformation only adds to the stress, leading people to reshare possible infected links and information, potentially spreading the infestation further. Pinterest recently introduced a “custom search experience” to remove misleading and false coronavirus info on its platform. [2] The National Security Council also tweeted asking people to ignore text message “rumors” of a national quarantine. Social media users should look out for official sources as they consume information, including the accounts of trusted news sites and their reporters. [3]
Fake Apps: Consumers should also be mindful of fake apps, as coronavirus-related mobile apps have been popping up in app stores. Recently an Android app called CovidLock claimed to help users monitor the spread of the virus. [4] It turned out to be malicious, locking Android users out of their phones and holding them for ransom by hackers. According to cybersecurity company SonicWall, there are no mobile apps that can track COVID-19 infections or point to a vaccine, so it’s critical that consumers exercise caution when absorbing any information related to the virus.
Video Conferencing Software: Social distancing has led to more companies requiring employees to WFH, along with many people choosing to stay connected through virtual social gatherings. Cybercriminals see opportunity with this new trend and have been working to hack into video conferencing platforms. For example, a hacker hacked into a WFH Happy Hour and leveraged the screen-share feature to display graphic images and video content, alarming participants before they were eventually kicked out of the chat. [5] As more people lean on video to remain connected, it’s important that call dial-ins aren’t posted in any public forums where they can be easily discovered.
Increased Likelihood of Data Breaches
The cruise line and airline industries carry some of the largest economic impacts related to COVID-19, and this makes them more vulnerable to hackers. Millions of people are either canceling or rescheduling their trips, opening up the potential for hackers to intervene when customers are communicating with companies to get their money back. Both customers and travel industry employees should be vigilant for falsified messages during this unprecedented moment in time.
By having a heightened awareness of what’s going on and always making sure to give something a second look before clicking, we can all stay safer during these uncertain times.
About the Author: Ron Culler joined ADT Cybersecurity in August 2018. As the senior director of technology and solutions, Ron is responsible for the design and architecture of the systems employed by ADT Cybersecurity, such as ADT’s Identity Theft Protection services, commercial cybersecurity solutions and more. He plays a key part in delivering cybersecurity solutions to the company’s customers.
Culler has been actively engaged in expanding the understanding of security and technology for businesses of all sizes. His expertise as a security consultant, technology innovator, and industry thought-leader has been in high demand with companies, business councils, and technology associations. A regular speaker and writer on channel issues, technology legislation, cloud and internet security, he is particularly known for his thought-leadership role in encouraging small and mid-sized businesses to protect their data and personal assets from the growing body of IT threats and breaches.
Sources
[1] https://www.tomsguide.com/news/coronavirus-map-malware
[3] https://twitter.com/WHNSC/status/1239398218292748292
[4] https://www.cnet.com/how-to/online-coronavirus-scams-are-here-watch-out-for-these-red-flags/