COVID-19 has been a goldrush for hackers looking to exploit the epidemic. Almost every aspect of what’s unfolded has presented hackers with new and creative ways to phish you.
People are fearful, they’re working from home and under a lot of stress. That makes for a perfect target for hackers. Here are the top eight ways hackers are using the pandemic to phish you. It would be nice if these were the only eight. They’re not – there’s more.
Everybody knows about the stimulus checks offered by the U.S. government to most workers, which means hackers know about it too. And they’ve been using it to phish you.
From the WKRG web site, “The FBI is also warning about another kind of scam–email phishing scams over coronavirus and economic stimulus checks. The agency says to look out for phishing emails asking you to verify your personal information in order to receive an economic stimulus check from the government.” The email is not from the government, it’s from a hacker.
For many people working from home, they’re using web conferencing software for the very first time. So, they’re not experienced with the procedures and protocols for using it and hackers know that to launch their phishing attacks. A phishing attack aimed at getting your credentials.
Zoom web conferencing has been the most targeted application. Thousands of potential phishing sites have been created to target Zoom users as its usage has soared. But it hasn’t just been Zoom. Other applications targeted by hackers includer WebEx (Cisco), Skype (Microsoft), GoToMeeting, Microsoft Teams and Google Hangouts. Be wary of any unsolicited email from a web conferencing company.
At this time, people are looking to trusted authorities for any medical information they can about COVID-19. Trusted authorities like the CDC, the WHO and NIH. Hackers know and use those symbols of trust to phish you when you’re looking for medical information.
From an article on Help Net Security, attackers have “been tricking users with fake email notifications and fake alerts impersonating local authorities, the US Centers for Disease Control and Prevention (CDC), and the World Health Organization (WHO) to deliver malware or to steal email credentials.” If you want the latest medical information from a trusted source, get it from their website.
Prevention and Cures
COVID-19 has people scared. So, scared that they’re taking matters into their own hands when it comes to prevention and cures. Hackers know that and use that to phish you.
From Tech Republic, “Many of the scams Barracuda Sentinel detected were looking to sell coronavirus cures or face masks or asking for investments in fake companies that claimed to be developing vaccines.” If you purchase a face mask, only do it from a reputable retailer.
People who are faring better than most during the pandemic want to help and that help usually involves donating money to a charity. And hackers know it, so they use it to phish you.
“Scams in the form of donation requests for fake charities are another popular phishing method. For example, one scam caught by the Barracuda systems claims to be from the World Health Community (which doesn’t exist but may be trying to take advantage of similarity to the World Health Organization) and asks for donations to a Bitcoin wallet provided in the email.” Don’t give to charities using Bitcoin.
Many people planned a trip before the coronavirus outbreak and now can’t go because of travel restrictions. So, people want to get their money refunded and hackers know that and use that to phish you.
From the Identity Theft Resource Center, “As a result of the COVID-19 pandemic, the Tokyo 2020 Olympics have been postponed until next summer 2021. However, scammers will not postpone their attempts to target consumers through a series of tactics, including ticket refund scams. People should be on the lookout for these schemes under the guise of helping people to switch their plans to suit the new 2021 date.” If you want a refund, deal directly with the service provider.
People are stuck at home. They need entertainment, like the kind available from companies like Netflix. And hackers know it so they use it to phish you.
An example of this is the Netflix Covid-19 phishing scam. In this scam, victims receive an email telling them that because of the COVID-19 pandemic, Netflix “will give out 3 months of Netflix Premium to help you spend more time at home.” And of course, the email comes with a link to click on for more information. It’s a scam. Be fearful of anything “free” during the pandemic.
More and more people are buying online and depending on delivery service to obtain their goods. Hackers know that and use that to phish you.
According to TechRepublic, “Cybercriminals are leveraging overwhelmed delivery services to further phishing schemes.” Consumers are used to receiving emails from ecommerce companies, including shipping status emails. So, it’s not a big leap for hackers to use those emails to launch a phishing attack. Be hypervigilant when receiving package tracking emails.
These are the top eight ways hackers are using coronavirus to phish you today. There will almost certainly be new ones in the future. To good news? You can protect yourself from all of these, and any new ones in the future, simply with an email security software called Phish Protection.
Phish Protection doesn’t require you to purchase anything. It sets up in 10 minutes, works with all major email providers and best of all, it only costs pennies per user per month. The coronavirus-based phishing attacks are not going to stop. But you can keep them from harming you with Phish Protection.