In the midst of the COVID-19 worldwide pandemic, cyber criminals are taking advantage of the fear, uncertainty and mass panic to exploit the situation. They use COVID-19 as the theme to lure victims into opening malicious attachments or visit fraudulent websites to disclose personal information or credit card details.
Some examples of the types of scams FraudWatch has seen in recent weeks includes:
- Phishing – Emails with apparent information about Coronavirus but containing malware links or attachments.
- Phishing Websites – Thousands of new domains containing coronavirus or covid19 have been registered and used maliciously.
- Fake News – Websites and emails containing false information regarding the pandemic, meant to frighten the public. In many cases the fraudsters are pretending to work for official organisations, such as the WHO, the CDC.
- Malicious Mobile Apps – Several Malicious Mobile Apps uploaded to popular legitimate app stores disguised as coronavirus related, such as a map of where infected people are.
- Fraudulent Products – Advertising fraudulent products claiming to help people cope with the situation, such as face masks. These cases often end up with the fraudsters disappearing after receiving the money.
Examples of some of these scams are available here.
FraudWatch International has been protecting clients around the world from this type of activity for over 17 years and has a dedicated 24×7 Security Operations Centre to detect online impersonation, fraud and abuse and to take-down this activity.
As part of this initiative, FraudWatch will:
- Utilise its own resources to hunt down malicious activity using COVID-19 / Coronavirus and have this activity taken down.
- Publish details of the methods used by cyber criminals in these attacks on its website, and actively encourage other websites and news organizations to use the material to educate consumers and prevent them from getting scammed.
- Provide a list of known fraudulent domains being used in these attacks and make this information available via real-time API access to be used on blocklists, so other cyber security companies and ISPs can stop consumers from reaching known malicious domains until they are taken down.
These initiatives around COVID-19 online scams align with the mission and values of FraudWatch International, which include making the Internet a safer place, and being socially responsible in the communities we operate in.