Beware coronavirus phishing scams
By Adam Garber
Philadelphia -- When tensions rose between the United States and Iran earlier in the year, SMS text messages distributed malicious links saying the receiver had been drafted. No draft had occurred forcing Army Recruiting to issue an urgent notice to avoid such messages.
Now hackers are using real worries about the Coronavirus outbreak to drive similar phishing scams. With cases of the virus reaching U.S. shores, including three more this week, and the worldwide total of illnesses climbing to 20,000, people are afraid. And that fear is being used to spread malicious information online.
These hoaxes take a variety of forms and can pose real health and safety risks to Americans. One letter in Los Angeles claimed there was a local outbreak in Carson City. It was fake says county public health officials.
Social media is also rapidly helping spread inaccurate information about outbreaks and safety measures. Sometimes the posts include false cures such as drinking bleach (does not work, do not try it).
Scammers, always willing to seize on people’s fear and worries, are using false information to go phishing for individual’s private information. A phishing scam uses seemingly trustworthy websites or electronic communications to try and steal passwords or other confidential information.
From Mimecast on Twitter
Mimecast, a cybsersecurity provider, revealed one attempted phishing scam on Twitter. The note purported to have a list of measures to keep you safe in a downloadable pdf. But in reality, the link tricks people into downloading dangerous software.
These efforts often arise during urgent or scary moments in people’s lives. In this case, hackers are preying on fears of a dangerous virus that is spreading rapidly.
"Unfortunately we see this often in geopolitical events and world events," Francis Gaffney, the director of threat intelligence at Mimecast, told Wired. "This is when cybercriminals seek opportunities to use the confusion that vulnerable people have. They’ll click on links because they’re not sure."
While these phishing scams are often tied to seasonal events like tax season, riding a wave of real world news can put people’s guard down. So these efforts may be more successful. Such misinformation can grow quickly thanks to social media.
"This includes claims related to false cures or prevention methods — like drinking bleach cures the coronavirus — or claims that create confusion about health resources that are available," Facebook said in a statement.
Meanwhile, if you have questions about the virus, check with your local public health officials or the Center for Disease Control who has a complete rundown of all things related to the virus.
WHAT YOU CAN DO
Cybersecurity experts recommend a few things to stay safe:
Pause before downloading attachments or clicking on links, especially from someone you don’t know.
Confirm the email address is accurate if something seems unusual or suspicious. Look for small changes like a change to the address ending, an extra letter, or a punctuation.
If something was unsolicited but elicit a strong reaction, pause to reconsider or confirm with the purported sender by sending a separate response before doing anything.
These rules are good all the time, but be especially careful during moments of worldwide concern or individual panic. Some unscrupulous characters may take advantage of you then.
