Switch to work-from-home and consumer worries drive latest coronavirus scams: Internet Scambusters #901
Coronavirus scams on an unprecedented scale are piling on the misery for worried consumers and businesses.
Just a couple of weeks after our first warning about virus-related tricks, scammers have rolled out a whole new set of con tricks targeting those who let their guard down.
In this week’s special issue, we have scam warnings for people newly working from home, news-hungry data watchers and would-be travelers.
Let’s get started…
Coronavirus Scams Surge As Crooks Exploit Our Fears
We’re already back with a number of important coronavirus scam warnings and other alerts this week.
It’s bad enough that most of us are potentially at risk from the virus. But scammers have added misery to that by devising all manner of schemes to trick people either into handing over their money or downloading malware onto their PCs.
Our first coronavirus (COVID-19) warning, however, is aimed at people who, as a result of the illness, find themselves working from home for the first time.
Computer Viruses and Coronavirus
If your employer has told you to work from home to reduce the risks of coronavirus infection, that may seem like good news.
But are you expected to use your own computer? If so, does it have the same level of security your work devices have?
Most firms use the highest levels of computer security available. If you don’t and you’re navigating the Internet, receiving emails, or communicating with your company network, you could be at risk of a computer virus instead of coronavirus.
As well as ensuring your security software is up to date, you should seek guidance on device security from your employer.
Another risk is that you’ll be more dependent than usual on email and Internet communication. Scammers and hackers know this and will almost certainly increase their spamming activities and social media hacking.
Fake Coronavirus Dashboard Sites
There are already scores, maybe hundreds, of scam websites pretending to carry updated information on the outbreak.
You can see what one of these sites look like here: Hackers are using coronavirus maps to infect your computer.
They look official, they have maps and statistics and, unfortunately, look almost identical to some of the genuine “dashboard” sites that have appeared in the last couple of weeks.
But their purpose is not to inform. As tech information website TheNextWeb.com (see link above) warns: “Attackers design websites related to coronavirus in order to prompt you to download an application to keep you updated on the situation. This application doesn’t need any installation and shows you a map of how COVID-19 is spreading.
“However, it is a front for attackers to generate a malicious binary file and install it on your computer.
“Just to be clear, these websites pose as genuine maps for tracking coronavirus, but have a different URL or different details from the original source.”
Once installed, the software steals data and infects computers with its own virus.
The advice is to use only verified sites to check data. That’s easier said than done, especially after one of the best and leading info sites from Johns Hopkins University was hijacked last week by crooks and turned into a downloadable malware bomb.
The best rule to follow is to confine your curiosity to the CDC and other official health sites. But if you must visit data dashboard sites, never, but never, download supposed maps of infections. They’re nearly all malware laden.
We’ve written about typosquatting before (Beware of Typosquatting and New Identity Theft Warnings). It’s when crooks set up websites with almost identical spelling to a genuine site. They might just switch a couple of letters around.
They know which letters are likely to be mistyped and name their sites accordingly.
Victims who didn’t check their address bar typing then find a page that looks exactly like the one they were seeking — in this case, something connected with health, local community activities, local government guidance, and so on.
Reporting on this, researchers at security firm Proofpoint discovered a site mimicking Vanderbilt University Medical Center in Nashville. The fake site just omitted the ‘l’ in “Vanderbilt.”
In this case, the aim was to install malware, but typosquatters are also hoping to phish for personal information by asking visitors to create accounts. They know that some people (not our readers we hope) will just use the same sign-on details they have for other accounts.
When you’re visiting any site, not just coronavirus-related, you should always double check your spelling before hitting that “Enter” key. However, we all know how easy it is to overlook a mistyping, so watch out for any site that asks you to open an account or download an attachment or app.
Coronavirus Travel Scams
Finally, a general warning to people who may be affected by travel restrictions.
Scammers and spammers are likely to be messaging and posting on social media sites offering products relating to travel safety or randomly sending out emails about changed travel plans.
For example, airlines may be offering discounted tickets, so will the scammers.
Or, in one reported case, mass emailings find their way into the inboxes of people who recently bought tickets, advising them of things like new charges for seat changes or changing travel plans.
The aim is to get victims not only to unwittingly pay the scammers, but also to harvest their credit card details.
If you receive one of these messages, check directly with either the airline or the agency you booked with.
We’re sure you — and we — will be encountering more coronavirus scams in the coming weeks. For your own security, please share this alert and stay tuned to Scambusters for further information. We’ll be back with more coronavirus scam news.
Time to conclude for today — stay safe!