April 10, 2020
Viruses aren’t the only things which multiply during pandemic emergencies. Since the world has gone into COVID lockdown, hackers have gone into overdrive, seeking to capitalize on the exponential growth of anxious, housebound targets.
According to a list compiled by security researcher DustyFresh, 3,600 separate domains containing the word “coronavirus” or related keywords were created between March 14-18 alone. Most of these are surely aimed at luring unsuspecting web users, with the aim of implanting malware, or extracting personal details.
All of this means that surfing the web for information about COVID-19 or buying essentials, has become a precarious activity. So how can you stay safe online during this challenging time? Let’s dive deeper and make some constructive suggestions.
How to avoid dangerous online resources during lockdown
First off, we need to talk about the preventative side of the equation. Just as we need to maintain social distance to minimize the spread of coronavirus, we also need to be aware of digital hazards to prevent identity theft, financial losses, and worse.
The scale of the issue is vast – so don’t think that you’re immune. In fact, DustyFresh was only really skirting the real scale of COVID-related scams. Analysts at RiskIQ have looked in more detail over longer time scales, and their findings put things into stark perspective.
Apparently, around 15-20,000 virus themed domains appear daily, and most aren’t legitimate. Some are created to sell bogus cures or preventative drugs. Others use alarmist articles to promote risky activity. And some are almost certainly state sponsored.
Experts have already been able to unravel one scheme backed by the Chinese government, which uses coronavirus literature to target users in Mongolia – a strategically important neighbor of the People’s Republic. Cybersecurity analysts FireEye have also recorded phishing campaigns emanating from Russia and North Korea – often hiding behind trusted sources like the World Health Organization.
Using events and infrastructure to launch innovative attacks
Anyone who has been targeted by sophisticated social engineering scams will know that they come in many forms. Some are easy to detect, with their over the top messaging, spelling mistakes, and obviously fake links. But others are more sophisticated.
Take WhatsApp messaging, for instance. Since the COVID emergency deepened, WhatsApp has become a go-to resource for communities and families. But it’s also become a conduit for misinformation and phishers.
Other persuasive campaigns have used the identity of the UK’s tax body HMRC, promising COVID refunds. And Canadians have been promised bogus “emergency response benefits”. This type of message has been so effective because many governments have now launched radical policies to provide support to their citizens. So phishing can blend into official communications.
At the same time, media speculation about vaccines, mortality rates, potential cures, and conspiracy theories about the origins of COVID have fed into an explosion of email and social media phishing. Our natural anxiety is being turned against us. Put the two strategies together, and you’ve got a formidable cybersecurity foe.
Inoculate yourself against coronavirus scams
All of this makes it vital for web users to educate themselves about how to find information, and how to filter potential dangers from useful sources. There are some pretty obvious rules that everyone should apply, but we often don’t.
For instance, at times like these, using social media (and even Google) as your primary information source isn’t wise. The same applies to email newsletters. Instead, a visit to the sites of official bodies like the CDC or WHO is guaranteed to provide more accurate information.
Using established sources of information won’t just improve the quality of your knowledge. Email newsletters are notoriously vulnerable to phishers, who pose as trusted contacts, only to include dangerous links. Random websites found via Google searches, or sites that crop up on Facebook feeds are just as hazardous.
As the work of the digital researchers noted above shows, it’s important to look out for domain names. If a website has a generic name with “COVID” or “coronavirus” in the address, be sceptical – especially if it’s trying to sell something or promises to unfold revelations you won’t find elsewhere.
How to find resources you can trust during the coronavirus crisis
The flipside to avoiding malicious websites is knowing which information providers to trust. After all, we all have an insatiable appetite for updates as the crisis develops, and we should be able to stay informed without risking our data or financial health.
Generally speaking, sites which carry real-time maps of the extent of coronavirus tend to be trustworthy. As are major media channels such as TV networks, the New York Times, Washington Post, the BBC, or the Guardian.
If you do need to visit a less well established site, some simple security checks will help. Look for “HTTPS” in the address line (not just “HTTP”) as this denotes that the site uses encryption to protect user traffic. This isn’t the time to be relying on unsecured websites.
And if you want to make an inquiry to an organization, try to avoid using webforms or online questionnaires. Calling by phone is preferable for security reasons. But if you do need to interact digitally, using a VPN or encrypted email account can help.
We’re all flying blind to some extent during this period, from vaccine researchers to cybersecurity analysts. But if we can minimize the risk of falling victim to online scams, we’ll eliminate one source of confusion and stress. So be alert, exercise caution, and keep in mind that websites may not be what they seem.
Jan Youngren is a cybersecurity and consumer protection specialist at VPNpro focused on investigations that help readers navigate the complex infosecurity sphere. His research and commentary has been featured in Forbes, ComputerWeekly, PC Mag, TechRadar, ZDNet, The Mirror, Entrepreneur, and many other leading publications around the world. https://twitter.com/JanYoungren, https://twitter.com/VPNpro
