No, Corona Antivirus can’t fight COVID-19
COVID-19-themed scams are exploding both online and offline. Hijacked Twitter accounts peddling fake cures, scammy sites offering emergency supplies, misinformation campaigns, phishing emails and – can you believe it? – even a computer antivirus solution that protects against COVID-19! What will online scammers think of next?
Corona Antivirus, compromised routers and fake apps
Malwarebytes researchers have spotted a website advertising “Corona Antivirus -World’s best protection” – a digital antivirus that supposedly protects against the actual COVID-19.
The software offered for download (update.exe) is malware that turns the victim’s computer into a DDoS-capable bot. It can also take screenshots, steal saved passwords, log keystrokes, steal Bitcoin wallets and execute scripts.
Bitdefender warns about attackers hijacking Linksys routers through brute-forcing and altering their DNS server settings so that they point users towards malicious Coronavirus-themed webpages. The pages in question are prompting victims to install the “COVID-19 Inform App”:
What they will download and install is relatively new information-stealing malware called Oski, which can extract and steal credentials saved in browsers and cryptocurrency wallet passwords.
Charity and supply scams
Cybercriminals are trying to impersonate charities and the WHO to get users’ money, but Sophos researchers have also spotted scammy emails trying to sell “insider information” from a “military source” on how to survive COVID-19:
They are also warning about hijacked Twitter accounts advertising “a dodgy looking face mask/toilet paper/digital forehead thermometer online store.”
Europol has recently busted a global counterfeit medicine operation selling bogus “Corona sprays”, counterfeit surgical masks and testing kits, and unauthorised antiviral medications online.
Phishing emails offering checks
The FBI is urging users to be on the lookout for phishing emails asking them to verify their personal information in order to receive an economic stimulus check from the government.
“While talk of economic stimulus checks has been in the news cycle, government agencies are not sending unsolicited emails seeking your private information in order to send you money,” the Bureau noted.
Abnormal Security researchers have spotted a similar scheme in the form of fake emails from a major financial institution.
“This attack leverages the economic uncertainty around COVID-19. As the economy has come to a standstill, the attackers realize that many will be seeking relief from their credit card bills, especially if they are one of the many workers whose hours have been reduced or who have been laid off,” the researchers noted.
“The attacker created a very convincing email and landing page that appeared to come from a major financial institution. The email they created indicated that this financial institution was offering financial relief to their current credit card customers if those customers completed a form.”
Those who fall for the scheme will have their name, address, phone number, credit card number, expiration date, and the CVV code stolen.
Tips on avoiding online and offline COVID-19 scams
United States attorneys from various US districts have shared helpful advice for avoiding COVID-19 scams, and so has the US Federal Trade Commission (FTC) and the Better Business Bureau (BBB).
Users are urged to be very skeptical of any offers they get and to check their legitimacy – whether these are products, treatments, checks, or investment opportunities.
“Ignore offers for a COVID-19 vaccine, cure, or treatment. Remember, if there is a medical breakthrough, you won’t hear about it for the first time through an email, online ad, or unsolicited sales pitch,” the US DOJ notes.
Also: “Be cautious of ‘investment opportunities’ tied to COVID-19, especially those based on claims that a small company’s products or services can help stop the virus. If you decide to invest, carefully research the investment beforehand.”
Needless to say, all scams and fraud attempts should be reported to the authorities.