11 Mar 2020
In February, the National Cybersecurity Centre (NCSC) released a chilling threat report, stating that Coronavirus can now infect computers too.
Are we winding you up? No. Because what NCSC was actually reporting is a phenomenon that has already spread across Japan, Australia, Italy and the US, and is now hitting UK shores too.
It involves the use of Coronavirus-related messages and content as a phishing trap, encouraging users to click on links that trick them into revealing login credentials, or that trigger a full-blown ransomware infection.
Here’s how to recognise it and prevent your computers, your users and your business from becoming its latest victims.
Cyber experts Heimdal Security report on three different types of Coronavirus-related phishing content in their latest blog.
One scam takes the form of fake alerts from health networks. These links are re-routed to a web domain that steals their Outlook login credentials.
Fake medical advice is also identified as a common trope of these scams. A downloadable PDF attachment triggers malware that infects the user’s machine.
Reminders about mandatory regulations for the containment of the virus trick the user into clicking a malicious link that supposedly enables them to find out more - but the link triggers Emotet, a stealthy and highly persistent banking trojan that steals critical financial information, enabling the theft of funds.
And these aren’t the only manifestations of Coronavirus-themed attacks, In fact, fake emails and attachments promising information on ‘unreleased’ cures have also had their wicked way with many users, with cybersecurity experts reporting infected Coronavirus-themed files also being distributed by chat apps and social networks, too, enabling the attacks to go - well, viral!
Sadly, it is reported that some £800,000 has already been lost to Coronavirus-themed ransomware attacks in the UK.
But this is just the tip of the iceberg. Consider the case of Travelex, which we cited in a recent post – the ransomware attack it suffered knocked its quarterly earnings south by £25 million!
And with mass absence through illness a coming reality in many workplaces, it’s fair to mention that there is nothing a scammer likes better than a business that does not have the human resources to maintain vigilance!
That said, the few sensible steps we outline below will help you keep infections at bay.
Much like the scare-mongering title of this blog above (sorry, but it was all in a good cause!), Coronavirus-themed scams exploit human sensitivities when we are at our most worried and vulnerable.
But when it comes to computer-borne hazards, a rational ‘stay alert and be prepared’ attitude is by far the most effective response, since it can stop the infection before it even starts.
One threat down. One virus to go.