These difficult times have become the perfect opportunity for malicious parties to profit. Panic is a powerful ally when it comes to deception and the current pandemic we are all experiencing is no exception.
Coronavirus scams are proliferating online. Malicious parties, some of them State-sponsored, are using this opportunity to lead victims directly to the trap with little or no resistance.
Recent reports have shown how scams based on COVID-19 news and resources are becoming common lately… and that’s no surprise for cybersecurity experts.
At My IT Guy, we are concerned about our readers’ and clients’ physical wellbeing but also about their integrity online. In the following lines, we will explore these scams and what to do in order to prevent them.
Malicious Domains to Avoid
The first clue we have these days is domains. We need to be extra careful when it comes not only to the websites we visit but also the emails we receive. By taking a look at the sender’s email address, we can have an initial idea of the potential risk.
Now, what domains we should be avoiding? Forbes posted a shortlist of domains with the help of Lindsay Kaye from Recorded Future and Bernardo Quintero from VirusTotal. These domains showed signs of being potentially dangerous, so keep distance.
- coronavirusstatus[.]space
- coronavirus-map[.]com
- blogcoronacl.canalcero[.]digital
- coronavirus[.]zone
- coronavirus-realtime[.]com
- coronavirus[.]app
- bgvfr.coronavirusaware[.]xyz
- coronavirusaware[.]xyz
- corona-virus[.]healthcare
- survivecoronavirus[.]org
- vaccine-coronavirus[.]com
- coronavirus[.]cc
- bestcoronavirusprotect[.]tk
- coronavirusupdate[.]tk
Besides our recommendation of not visiting these websites, it’s also very important to avoid any email message coming from these domains. Do not open these messages. If you do, avoid clicking on any link or accessing any attached file in them.
Identifying Phishing Attempts
There is a bigger problem: some of the phishing attempts look very legit.
For example, in the same report, it was shown how an email address from the Centers for Disease Control and Prevention (CDC), which is a federal agency, was sending messages with a malicious Coronavirus map that installed malware on the victims’ devices.
So, how to prevent being a victim in such scenarios? Receiving an email message from this kind of senders puts us in a more difficult position as we suppose, for good reasons, to be a safe sender.
Phishing attempts will try to make us click on links or attachments, most of the time using panic and fear as incentives. These messages will offer us detailed, privileged information on how to protect ourselves and our loved ones from COVID-19. Motivated by panic, people click on these links and fall prey to the scam.
State-Sponsored Crime
Proofpoint and FireEye have detected in previous months how malicious agents linked to China, North Korea, and Russia have been using Coronavirus-based attacks in strategic ways.
For example, according to Proofpoint, Coronavirus-based attacks were used to create serious disruptions to global shipping in targeted industries. There are potential geopolitical motives behind them. This situation repeats itself in other contexts, such as China-backed attacks to targets in Vietnam, the Philipines, and Taiwan, and Russia-backed efforts in Ukraine.
At My IT Guy, it’s our priority to keep you safe. Our solutions in email marketing are powerful enough to prevent phishing attacks even before they reach your inbox. The cybersecurity technologies we use are state-of-the-art, based on AI and machine learning to achieve optimum results.
If you want to know more, click here.