sb-eu logo
Story image

Scammers using Bitcoin, sextortion to take advantage of Coronavirus fears

Scammers are using the COVID-19 outbreak to target victims in a variety of ways, looking to take advantage of the crisis gripping the world. 

Sophos has been tracking cybercriminals taking advantage of the situation, and says they are adapting and updating attack methods as real-time news unfolds. 

A bogus email impersonating a charity with the World Health Organisation logo is requesting Bitcoin with wallet ID. 

Chester Wisniewski, principal research scientist, Sophos says as people's fear and desire to do something about COVID-19 is dominating the news, it is also being exploited in every way by online criminals. 

"First, Sophos noticed phishing attackers using the World Health Organization (WHO) as a lure. Next, numerous malware gangs began to disguise their malicious wares as COVID-19-themed documents. Now today, we are seeing cyberattackers impersonating WHO charities, this time the COVID-19 Solidarity Response Fund. 

"These emails are fake, but very real looking and take advantage of new and until recently unheard of charitable organisations.," he says. 

"The tell-tale clue is the request for Bitcoin, rather than credit cards or other currency. Due to the ability to trace and stop real wire transfers and credit cards, criminals prefer to rely on crypto-currencies to attempt to preserve their anonymity and freedom and the Bitcoin payment request seen here is a sign that something isn't right about this email," says Wisniewski. 

"We haven't seen the novel nature of this attack before - impersonating charities around COVID-19."

Wisniewski says  any time the public's interest becomes fixated on a topic, scammers, spammers and malware authors latch on to the news and are determined to find a way to exploit the opportunity. 

"We've seen this type of activity in the past, but rarely is the whole world so focused on one thing, making this chance to develop scams a little too good to be true for cybercriminals," he says.

He says almost all types of malicious online activity Sophos typically observes right now has in one way or another taken advantage of a COVID-19/Corona theme. 

"There are limitless quantities of spams pitching expensive guaranteed Corona-proof masks, videos on how to construct your bunker and other "guides" to keeping your business or family safe. We have also seen common email-borne malware families like Fareit and Trickbot sending Centers for Disease Control and Prevention (CDC) and World Health Organization (WHO) themed malicious emails. The latest? Spams purporting to be from charities affiliated with the World Health Organization (WHO) asking for Bitcoin donations to assist those on the front lines fighting this outbreak. Whether you trust your government or not, criminals are emailing you to exploit your fear or distrust," says Wisniewski.

"Let's be clear. If you want advice from those who truly know what is happening, visit the website of your local health authority or ministry of health. Make a bookmark in your browser for the *real* WHO website at https://www.who.int, and if you really want to make a financial contribution to those helping us stay safe in this fight, don't send Bitcoin, but go to the official website for the COVID-19 Solidarity Response Fund."
 
Sophos has also released a detailed article about an Android malware uses coronavirus for sextortion and ransomware combo.

"Like many other cyberthreats doing the rounds these days, the criminals have used the coronavirus pandemic as a lure, offering an intriguing if rather creepy app called COVID 19 TRACKER. The app offers to Track Real-Time Coronavirus Outbreak in your Street, City and State, and says it will Get Real-Time Statistics about Coronavirus outbreaks around you in over 100 countries," the company explains.

"However, if you're keeping your eye out for giveaway mistakes, it actually says outbreak around you, an error both of grammar and spelling.

Unlike most scams that come through via phishing emails, this is a done via an app, and it's important we remain vigilant, especially during difficult times like these."

Story image
AWS launches fully-managed fraud detection service
Businesses lose billions of dollars to online fraud every year, however businesses respond by investing in cumbersome fraud management solutions that often rely on hand-coded rules and are difficult to keep up to date.More
Story image
Security teams face mounting stress, call for execs to step in
“With more organisations operating under remote work conditions, the attack surface has broadened, making security at scale a critical concern. This is a call to action for executives to prioritise alleviating the stress."More
Story image
DDoS attacks surge 542% amidst COVID-19 pandemic - report
Generally considered the “off season” for DDoS attacks, researchers attribute the surge in incidents to malicious efforts during the COVID-19 pandemic.More
Story image
Global spending on cybersecurity to grow by almost 6%
Even if the global economy worsens and IT budgets suffer, the cybersecurity market will still grow by at least 2.5%, according to a new report by Canalys.More
Story image
80% of security breaches involve exposure of customer data - IBM
The new report from IBM indicates that 80% of surveyed organisations reported having exposed customers’ personally identifiable information (PII) as a result of a breach.More
Story image
A third of millennials think they're 'too boring' to be victim of cyber attack
While many millennials are concerned at how their data is being used and whether they are being targeted by cyber-attackers, according to Kaspersky any potential action taken to tighten their online security is at ‘the bottom of their to-do list’.More