Cyber Criminals Are Taking Advantage Of Coronavirus Fears

Hackers and cons are trying to take advantage of the copronavirus pandemic with an increase in email scams that is unprecedented according to security experts.

According to experts, individuals as well as companies in industries such as aerospace, transport, manufacturing, hospitality, healthcare and insurance are being targeted by cyber-criminals.

The criminals are using a range of languages in the phishing emails including English, French, Italian, Japanese, and Turkish.

According to the BBC, there are five major forms of this cyber crime that is taking advantage of the concerns surrounding the coronavirus pandemic.

One such campaign is a lure to individuals and companies to find a cure for the cornavirus and the disease that its causes – Covid-19. Such phishing emails being used to steal money was first noted by the cyber-security firm Proofpoint in February. The emails being sent to the firm’s customers purported the sender to be a mysterious doctor who allegedly had the details of a vaccine for the virus that is being kept a secret by Chinese and UK governments. According to the cyber security firms, anyone clicking on a link in the email are taken to a spoof webpage with the aim of gathering login details. The firm said that the cyber thugs are sending as much as 200,000 of such emails at a time.

“We have seen 35-plus consecutive days of malicious coronavirus email campaigns, with many using fear to convince victims to click,” says Sherrod DeGrippo from the company’s threat research and detection team.

Further, three to four variations are launched each day by the cyber criminals, Proofpoint said.

“It’s obvious these campaigns are returning dividends for cyber-criminals,” says DeGrippo.

On the other hand, cyber-security firm Mimecast noted another fraud that sought to gather financial and tax related data of people on the pretext of offering Covid-19 tax refunds. The fraud is conducted on a forged government website – the link for which is sent via emails.

“Do not respond to any electronic communication in relation to monies via email,” says Carl Wearn, head of e-crime at Mimecast. “And certainly do not click on any links in any related message. This is not how HMRC would advise you of a potential tax refund.”

In another cybercrime email, the sender poses to be representing the World Health Organization (WHO) and attaches a document that allegedly contains details of how the recipient could stop the spread of coronavirus.

“This little measure can save you,” claims the emails.

However, there is no useful advice in the attachment. It rather injects a malware into the computer of the recipient called AgentTesla Keylogger, Proofpoint says. This malware allows the hackers to monitor every online move of the user by recording every keystroke made by the user and sending the same to the hackers.

The subject of another phishing email reads: “Covid-19 – now airborne, increased community transmission.”

This email looks like it has been sent by the Centres for Disease Control and Prevention (CDC) and makes use of one of the legitimate email addresses of the organization. But it is sent via a spoofing tool.

Such email was described it as an example of hackers “weaponising fear and panic” by Cofense, a cyber-defence provider that was the first to detect the scam.

Clicking on the link in the mail takes users to a fake Microsoft login page where they are urged to enter their email and password. The users are then redirected to the actual CDC advice page but by then the hackers possess the email and passwords of the users and hence complete control of their email accounts.

Security experts have also identified emails form hackers and cyber criminals that ask people to donate money to help in the fight of the coronavirus pandemic. Malware experts Kaspersky first noted and reported this type of phishing email. Such mails ask users to donate money for development of a vaccine for the virus kin the form of the cryptocurrency Bitcoin.

Cyber security firm noted that the while this way of asking for donations is quite ridiculous, the fraudsters have efficiently copied the email address and signature to make then look authentic.

“We expect the numbers to grow, of course, as the real virus continues to spread,” says David Emm, principal security researcher at the firm.

(Adapted from

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s