Real-word viruses and their online counterparts

COVID-19 or the Coronavirus is changing life as we know it. From simple handshakes to finding toilet paper, life has changed tremendously over the past several weeks. Not only is this virus a physical threat, but it is also a threat to cyber-security. Different scams, phishing emails, fake news, and other online threats are spreading just as fast as the virus itself. Just as doctors say frequent hand-washing and respiratory hygiene is the best defense against the coronavirus, cybersecurity professionals stress that computer users need to be wary of what people clicking and downloading online.

What is coronavirus?

According to the World Health Organization, the current coronavirus that has infected thousands of people across the world is a single variant of a broader family of viruses, also called “coronavirus.” This strain of coronavirus was first identified in the city of Wuhan in central China’s Hubei province. It has the title “2019-nCoV.” Though 2019-nCoV is from the same family of coronaviruses as SARS—which spread to 26 countries between 2002 and 2003—it is not the same virus.

Suspicious online Coronavirus activity

Numerous online postings, websites, and other forms of suspicious activity have popped up online over the past several weeks. Because this is such a hot topic around the world, it is easy to fall victim to these scams. Here are a few of the more prominent ones out there.

Coronavirus Maps and websites

Coronavirus-themed domain registrations are 50% more likely to be from malicious actors found in a study by Check Point Software Technologies. Since that report was released last week, there have been some high-profile examples, most notably a map meant to mimic some of the popular coronavirus outbreak maps used online.

The map was found doing its dirty work via the link corona-virus-map.com.exe by Reason Labs researcher Shai Alfasi. Victims who visit the page are shown a map of the globe, highlighting which countries the virus has spread and offers stats on the number of deaths and infections recorded.

To give the fake and malicious map an extra aura of authenticity, criminals have designed it to mimic a legitimate COVID-19 threat map created by Johns Hopkins University that similarly shows countries hit by the virus together with the latest statistics. 

“The malware has a graphical user interface that looks very good and convincing,” said Alfasi.

The malware can be used to steal browsing history, cookies, ID/passwords, cryptocurrency, credit card information stored in users’ browser history, and more. It can also download additional malicious software onto infected machines.

Johns Hopkins spokeswoman Jill Rosen said the university is aware of the malware that impersonates its COVID-19 site and warned users to only trust the maps at the John Hopkins website – https://coronavirus.jhu.edu/map.html.

Social Media

Social media messages for the virus spread quickly and most platforms are trying to fight the spread of fake coronavirus news.

Twitter recently introduced a site popup, visible on searches for “coronavirus” and related terms, which directs users to the Center of Disease Control and Prevention (CDC) website for more information. Additionally, Twitter announced further policies, banning adverts that “opportunistically use the Covid-19 outbreak to target inappropriate ads.”

Facebook’s chief executive, Mark Zuckerberg, announced a new range of policies to stop the spread of dangerous misinformation across the company’s apps last week. Like its competitors, Facebook has implemented a banner directing users searching for coronavirus to the CDC or World Health Organization (WHO) website.

Instagram, owned by Facebook, has a mandatory popover that interrupts any search on the coronavirus hashtag with a message saying: “See the most up-to-date information from the National Health Service.”

Facebook has also been wielding its advertising platform against coronavirus misinformation. Last week, the company banned ads for products that claimed to cure or prevent Covid-19 or created a “sense of urgency” about the outbreak. Last week, Zuckerberg also committed to giving the WHO “as many free ads as they need,” as well as “millions more in ad credits to other organizations.”

Phishing email scams

This one shouldn’t shock anyone. Many of the emails, which often appear to be sent by WHO or the CDC, pretend to offer new information about the virus. Some hint at the availability of a vaccine and others claim to be from charitable organizations looking to raise money for victims. To further complicate things, plenty of legitimate coronavirus-related emails are circulating right now, making it easier to float malicious ones without drawing attention. Human resources departments are reaching out to employees about working from home, schools are updating parents on precautions and canceled events, and businesses are trying to ease customer concern.

For many cybercriminals, gaining access to corporate computer systems or personal devices is the primary goal. Here are some quick tips for coronavirus emails:

• Check the URL – Check the spelling of the URL. Typically, misspelled URLs are a sign of a malicious website. Don’t assume that a website is legitimate just because its URL starts with “https.” Criminals like to use encryption, too.
• Check the email content from retailers – If you are getting emails about a great deal on hand sanitizers, toilet papers or masks, this is probably too good to be true. Before clicking on anything, check the retailer’s website to see if it matches the email.  
• Don’t open attachments – These attachments may contain malware. And you should never type confidential information into a form attached to an email.
• Guard your financial information – Be wary of emails asking for account numbers, credit card numbers, wire transfers, and failed transactions.

Online Resources and up-to-date information on the Coronavirus:

• https://www.who.int/emergencies/diseases/novel-coronavirus-2019 – The World Health Organization’s main information page on the virus
• https://www.who.int/emergencies/diseases/novel-coronavirus-2019/advice-for-public – The WHO’s public advice guide
• https://www.cdc.gov/coronavirus/2019-nCoV/summary.html – The Center for Disease Control and Prevention’s main information page on the virus

Conclusions

Overall, this blog has examined some key online threats that have recently popped up form the Coronavirus outbreak. Use common sense when clicking on links, downloading information and searching online. And make sure to wash your hands in the real world!

The cyber security experts at Continuum GRC have deep knowledge of the cyber security field, are continually monitoring the latest information security threats, and are committed to protecting your organization from security breaches. Continuum GRC offers full-service and in-house risk assessment and risk management subscriptions, and we help companies all around the world sustain proactive cyber security programs.

Continuum GRC is proactive cyber security®. Call 1-888-896-6207 to discuss your organization’s cyber security needs and find out how we can help your organization protect its systems and ensure compliance.

Want to learn more?