Warning: Hackers are taking advantage of the coronavirus

Many people are trying to help others in the current difficult situation. However, there are also individuals who, on the contrary, try to use it to their advantage. Hackers purposefully use fear and uncertainty to manipulate users.

This article aims to warn you against cyber threats that could make your life harder. We will also explain how to protect yourself because prevention is the key even in cyberspace.

What’s the deal?

In short, the attackers use fear and uncertainty arising from the current situation in various manipulative techniques. Whatever they are, they all have in common that they try to make users take some action, which will benefit the attacker. Let’s look at the three practical cases. 


1. Fraudulent e-mails 

Several fraudulent e-mail campaigns have already been recorded worldwide concerning the coronavirus. The National Cyber and Information Security Agency (NÚKIB) has already warned against campaigns in which attackers send out fake recommendations to protect against coronavirus. It is actually a scam to infect users’ computers with malicious code. Czech mutations of these e-mails have not appeared to date. However, it cannot be ruled out that they will not appear in the future, and at the same time, it would be a mistake to pay attention only to the cases mentioned. Creating a fraudulent e-mail campaign isn’t difficult. Attackers can be very creative. Here are examples of what other fraudulent campaigns can look like:

  • Download the new app that will show you where infected people are – link to the app page. 
  • E-mails from your employer sending the information about wage adjustments during the state of emergency – attached document.
  • Register in the new drug testing database – login-in page.
  • Donate to a family in dire straits due to the coronavirus – link.
  • Current recommendations from the Ministry to stop the spread of the coronavirus – attached document.

Now you understand that attackers can create hundredths of the version of phishing e-mails of varying sophistication. In them, they can try to impersonate authorities (Ministry, World Health Organization, doctor, your employer, etc.). They can try to evoke urgency (limited quantity, running out of time, etc.). And they can look very convincing as well (addresses that look credible at first glance, official visual style, and flawless Czech). But they will always want to take action – click on a page, open an attachment, enter information, and download an app.

One of the scam emails. It is important to remember that they can also be in Czech and have any form. Source: https://www.govcert.cz/cs/informacni-servis/hrozby/2731-upozorneni-na-podvodne-emaily-zneuzivajici-epidemie-koronaviru/


2. Fraudulent webs and apps

The case of fraudulent app visualizing the spread of the coronavirus in the world is now well known in the security community. The attackers aim to get the user to download and run the app, which at first glance does what it is supposed to – the map is usually displayed to the user. However, malicious code runs in the background collecting user data. Specifically, it can be passwords, log-in data, or other information.

As with phishing e-mails, attackers can come up with various forms of attacks. Fraudulent webs and apps appear to offer up-to-date information and warnings about the coronavirus. However, they will ask you to install add-ons, download apps, and enter log-in or payment details. This threat is, of course, relevant for mobile applications.

The map displayed to the user comes from the official website. However, the problem is malicious code in the background that is part of the application. Source: https://thehackernews.com/2020/03/coronavirus-maps-covid-19.html


3. Fraudulent e-shops

ESET has warned against fraudulent e-shops that offer various products related to protection against coronavirus. It can be masks, disinfection, or non-contact thermometers. The goal of the attackers is to obtain user log-in or payment details. Fraudulent e-shops exist in the Czech as well. Exposed webs try to appear trustworthy, and they use, for example, fake reviews from non-existing customers.


How to defend yourself?

We know that today we are all under a lot of pressure and often fear what will happen tomorrow. That’s natural. However, even in these difficult times, you must be cautious and have a healthy distrust. See below how to protect yourself.

1. Question

Be critical of the demands placed on you – whether in e-mails, on social sites, or anywhere else. Even if the sender seems trustworthy, be particularly cautious if the request concerns exploitable information and is worded in such a way as to arouse: urgency, curiosity, desire, fear, or envy. The very connection with the coronavirus can be a significant warning sign.

2. Validate

Before entering your log-in information, always verify that the wording of the address is entirely accurate. In some cases, attackers create addresses that appear correct at first glance but are actually fraudulent. They can, for example, replace the letter "n" with the letter "m" in the address or omit one vowel. We recommend opening a new browser window and entering the address manually.

By the way, watch out for the frequent mistake with the green lock next to the address. This only indicates that your communication with the site is secure. However, its presence alone does not automatically mean that the site is trustworthy.

Also, always check the e-shops you buy from on the Internet and in online communities.

Follow official recommendations and channels.

3. Never

  • Do not open unsolicited attachments.
  • Do not click on addresses in a suspicious message.
  • Do not install unknown and unverified applications.
  • Do not share your log-in information with anyone. Never!

BONUS: Cyber Compass

You'll increase your chances the most if you also follow other safety tips. There aren't many of them, but they are essential. That is why The Cybersecurity Team of Masaryk University created a course on the basics of information security for users - Cyber Compass. The course contains practical information and understandable instructions, thanks to which you will take care of yourself responsibly in cyberspace. The first three lessons of the course are also intended for users outside Masaryk University. The course is completely free for all.

You are running an old browser version. We recommend updating your browser to its latest version.

More info