Coronavirus Scam Alert – Intel by KnowBe4

Opportunistic criminals are targeting your users with corona-type scams, malicious websites and phishing attacks. Raise awareness to prevent your people from falling for any of these. Read the latest update from KnowBe4, the leading Security Awareness Platform and share it with your organization.

#stayhome #staysafe

 

Below are some examples of the types of scams you should be on the lookout for:

Malicious websites …with the purpose of
infecting your device with malware. Watch out
for sites such as Coronavirus(.)com or Corona
-virus-Map(.)com. Since January there have
been thousands of websites registered containing
the word ‘corona’ and many of those are suspicious.
Some of these websites distribute malware.

 

Spam emails …trying to grab your curiosity by
using conspiracy themed catchphrases, such as
“censored”, to try and sell information (paid-for
videos) or goods that are now in high demand, such as masks, hand sanitisers or vitamins, for example.

 

 

 

 

 

Phishing scams …that appear to come from
organisations such as the CDC (Centers for
Disease Control) or the WHO (World Health
Organisation). The scammers have crafted
emails that appear to come from these sources,
but they actually contain malicious phishing
links or dangerous attachments. There are also
emails that claim to have a “new” or “updated”
list of cases of Coronavirus in your area. These
emails contain dangerous links.

 

Fake charities …emails and websites that
ask for charity donations for studies, doctors,
or victims that have been affected by the COVID
-19 Coronavirus. Scammers often create fake
charity emails after global disasters or pandemics
like the COVID-19 outbreak.

 

 

 

 

 

Fake internal HR or IT communication
…such as coronavirus surveys impersonating
your HR or IT department – the objective here is
to steal your username and password.
To access the ‘document’ or ‘survey’, the recipient
has to provide their Office 365 credentials on a
fake site – thus compromising their Office 365
account.