It has always been observed that cybercriminals intent to cash in on any global crisis that arises. And it is no different this time as the entire world is gripped by a pandemic that is as perilous as any other pandemic history has seen. So far, we have seen approximately 500 different versions of Coronavirus related scams and around 2000 or more phishing attempts exploiting the pandemic scenario.
In such a delicate time where physical precaution is advised to be followed globally, scammers have resorted to yet another popular phishing tactic called Impersonation. In this kind of a scam, the cyber crooks imitate a legitimate business, charity, or well-known individuals.
In a recent incident, security researchers were impersonated and an attempt to defame them was made.
Here is what transpired –
- Hackers locked the victim’s computers even before they started their windows operating system and then it was blamed on researchers of repute.
- The scam is targeting users who download and install free software from unverified sources and crack sites.
- Experts have said that recovery of the user’s data and obtaining back the control of the victim’s computer is only possible if the wiper is using
Apart from this, there are other incidents as well where an impersonation scam was put to use in order to disrupt the efforts that are being made in the current situation.
The Scams list
- More than $110,000 were scammed off in a new COVID-19 related ruse. Scammers impersonated the staff of the Ministry of Health – Singapore and told the victims that Chinese officials have seized their parcels – registered under the victim’s names – these parcels contained contraband medicine to treat the Coronavirus.
- A group of threat actors sent across fake emails infected with bitcoin ransomware or credential-stealing malware impersonating NHS workers, usually to get the COVID -19 crypto donations or leading to the blocking of critical systems.
- The red cross was also impersonated when scammers sent text messages to victims saying they were giving away face masks or selling them on behalf of Red cross. As soon as the victims click on the link provided to them, they were usually asked to pay a small delivery fee which requires them to fill in their credit card details which then is stolen by the scammers.
- The president of the United States was also not impersonated as fake emails were sent out as if they were sent from the white house with downloadable malware. Emails titled “White house Instructions for Coronavirus” were sent across with the malware.
- Another threat actor claimed to share an e-book titled “My Health E-Book” from WHO. The book claimed to offer complete guidance against the pandemic and tips on how to secure children and businesses against it.
- The Centres for Disease Control and Prevention was impersonated as well as the scammers used a convincing email letter format urging the potential victims to donate bitcoin to fund the coronavirus vaccine research.
How to protect against such scams?
There are various guidelines written by various organizations but there are two top ways to prevent oneself from falling in the impersonating email trap.
Be Attentive – Watch very closely to spot the wrong addresses, misspelled URL’s, domains with misleading labels.
Authenticity is the key – Always check for authentic sources for any advisory or announcements by the government bodies.
To read more, please check eScan Blog
