In February, the National Cybersecurity Centre (NCSC) released a chilling threat report, stating that Coronavirus can now infect computers too.
Are we winding you up? No. Because what NCSC was actually reporting is a phenomenon that has already spread across Japan, Australia, Italy and the US, and is now hitting UK shores too.
It involves the use of Coronavirus-related messages and content as a phishing trap, encouraging users to click on links that trick them into revealing login credentials, or that trigger a full-blown ransomware infection.
Here’s how to recognise it and prevent your computers, your users and your business from becoming its latest victims.
The Coronavirus phishing hack: what it looks like
Cyber experts Heimdal Security report on three different types of Coronavirus-related phishing content in their latest blog.
One scam takes the form of fake alerts from health networks. These links are re-routed to a web domain that steals their Outlook login credentials.
Fake medical advice is also identified as a common trope of these scams. A downloadable PDF attachment triggers malware that infects the user’s machine.
Reminders about mandatory regulations for the containment of the virus trick the user into clicking a malicious link that supposedly enables them to find out more – but the link triggers Emotet, a stealthy and highly persistent banking trojan that steals critical financial information, enabling the theft of funds.
And these aren’t the only manifestations of Coronavirus-themed attacks, In fact, fake emails and attachments promising information on ‘unreleased’ cures have also had their wicked way with many users, with cybersecurity experts reporting infected Coronavirus-themed files also being distributed by chat apps and social networks, too, enabling the attacks to go – well, viral!
Will you get hit? And how hard?
Sadly, it is reported that some £800,000 has already been lost to Coronavirus-themed ransomware attacks in the UK.
But this is just the tip of the iceberg. Consider the case of Travelex, which we cited in a recent post – the ransomware attack it suffered knocked its quarterly earnings south by £25 million!
And with mass absence through illness a coming reality in many workplaces, it’s fair to mention that there is nothing a scammer likes better than a business that does not have the human resources to maintain vigilance!
That said, the few sensible steps we outline below will help you keep infections at bay.
Eight short steps to beat the Coronavirus scammers
- Be ultra-vigilant if you encounter language and vocabulary designed to convey urgency, arouse strong emotions, and exhort immediate action – and don’t click! (The word ‘Coronavirus’ is, of course, one such example – and you clicked on the link to this blog, didn’t you? Sorry, tough love and all that…)
- Forget ‘it looks real enough’. Where you see poor English, misspellings, and suspect branding, these should obviously ring alarm bells, but phishing emails can look totally legitimate, and can originate from apparently credible email addresses – so treat every such mail as a potential phishing attempt.
- Hover over links with your mouse and you’ll see where they really lead to. If the destination link looks remotely strange, report it to your security team, or if you don’t have a security team, delete the message and make sure you inform your colleagues.
- Never enter your account credentials (login details) on any page you’ve been redirected to from an email. Bear in mind that these emails will play on your natural fears and interests – anything from downloading music to, well, Coronavirus!
- Install security software on all machines, including anti-virus, firewall, anti-malware – and don’t forget to secure your mobile devices too!
- Keep all software patched and updated – this includes the software and apps you use on a daily basis, but also the security software running in the background and your OS (Operating System).
- Use strong passwords, with the help of a password manager if necessary, and don’t use the same passwords for multiple programmes, apps, devices or services.
- Back up your data – If the worst happens and a Coronavirus-themed email (or any other) triggers a ransomware attack, being able to retrieve and restore the ransomed data rapidly from an alternative location (for example, the cloud) will render the attack toothless.
Keep calm and carry on
Much like the scare-mongering title of this blog above (sorry, but it was all in a good cause!), Coronavirus-themed scams exploit human sensitivities when we are at our most worried and vulnerable.
But when it comes to computer-borne hazards, a rational ‘stay alert and be prepared’ attitude is by far the most effective response, since it can stop the infection before it even starts.
One threat down. One virus to go.