Updated: 3/27/2020

…and to make matters worse

One thing is clear: the COVID-19 pandemic has changed how we live. This includes how we work. As we previously wrote, teleworking is our new office reality. Urged by Federal, State and local government agencies, we find ourselves locked in our homes, figuring out new ways to work and occasionally updating our social media with #socialdistancing and #quarantinelife. The Coronavirus outbreak and the accompanying sense of uncertainty is having a profound impact on every aspect of our lives. If things weren’t bad enough, we now have to deal with an onslaught of nefarious hackers exploiting the pandemic for malicious gains.

People around the world are reporting a huge increase in the number of malicious Coronavirus-related phishing emails. This is not surprising as hackers have always leveraged popular and news-worthy topics to trick unsuspected users. Even less surprising is the fact that cybercriminals are pretending to be legitimate government agencies or news outlets to craft and deliver extremely dangerous malware campaigns. This approach is not new – it’s still social engineering working at its best. Be aware of it and don’t fall for it. If you need a primer on phishing and the best practices to protect yourselves, we recommend that you read our Phishing Guide.

If it doesn’t look right…avoid it!
Cyberthieves have sent phishing emails designed to look like they’re from the U.S. Centers for Disease Control. The email message may falsely claim to link to a list of Coronavirus cases in your area. “You are immediately advised to go through the cases above for safety hazard,” the text of one phishing email reads. Here’s one that may look like a legitimate message from the CDC along with an attachment (This example comes from the U.S. Health and Human Services website.)

If you see any emails coming from some domains (exampled below), it is vital to take precautions. You should not click on any links in these emails and do NOT open any attachments. Close the email and delete them from your inbox. Director of operation outcomes at Recorded Future, Lindsay Kaye, specifically called out the following domains as potentially dangerous:

• coronavirusstatus[.]space
• coronavirus-map[.]com
• blogcoronacl.canalcero[.]digital
• coronavirus[.]zone
• coronavirus-realtime[.]com
• coronavirus[.]app
• bgvfr.coronavirusaware[.]xyz
• coronavirusaware[.]xyz

Other tips to recognize COVID-19 themed emails:

• Beware of online requests for personal information. A Coronavirus-themed email that seeks personal information like your Social Security number or login information is a phishing scam. Legitimate government agencies won’t ask for that information. Never respond to the email with your personal data.
• Check the email address or link. You can inspect a link by hovering your mouse button over the URL to see where it leads. Sometimes, it’s obvious the web address is not legitimate. But keep in mind phishers can create links that closely resemble legitimate addresses.
• Watch for spelling and grammatical mistakes. If an email includes spelling, punctuation, and grammar errors, it’s likely a sign you’ve received a phishing email.
• Avoid Ads: Scammers have posted ads that claim to offer treatment or cures for COVID-19; creating a sense of urgency with a, “Buy now, limited supply.”

Again, never give your password!
Criminals are using password-stealing messages and malicious software as Coronavirus-themed alerts, alarms, or games. Some researchers found hackers masquerading as the U.S. Centers for Disease Control and Prevention in an attempt to break into emails or swindle users out of bitcoin, while others have found hackers using a fake virus-themed software to hijack mobile phones.

Work smart – use viable resources

We should all be vigilant and not respond to unexpected messages over any communications platform, especially those which request links be clicked on or attachments be opened. Visit the CDC website for the most current information about the (COVID-19) Coronavirus. Some list of topics covered, like: symptoms, prevention and treatment cases in the U.S.to mention a few.

In a current tally by RiskIQ – be aware, that there have been 300,000+ phishing websites created in March alone, using keywords relating to the current global pandemic; while 25% of Americans have already been a target of cyberfraud. As subject matter experts when working remotely & securely – we truly advise to keep caution when learning about this immeasurable outbreak.

Need more information? See our trusted, Phishing Guide.