Security Advisories /
COVID-19 Phishing Scheme
In light of the heightened fear around the COVID-19 pandemic, criminals are targeting and exploiting remote workers that are isolated from their regular daily routines.
Summary
In light of the heightened fear around the COVID-19 pandemic, criminals are targeting and exploiting remote workers that are isolated from their regular daily routines. This week the U.S. Secret Service issued an alert around Coronavirus-related phishing scams.
“Cybercriminals are exploiting the Coronavirus through the wide distribution of mass emails posing as legitimate medical and or health organizations,” the guidance reads. “In one particular instance, victims have received an email purporting to be from a medical/health organization that included attachments supposedly containing pertinent information regarding the coronavirus. This led to either unsuspecting victims opening the attachment, causing malware to infect their system, or prompting the victim to enter their email login credentials to access the information resulting in harvested login credentials.”
Another emerging fraud scheme exploiting the Coronavirus is using social engineering tactics through legitimate social media websites seeking donations for charitable causes related to the virus. Criminals are exploiting the charitable spirit of individuals, seeking donations to fraudulent causes surrounding the Coronavirus. Increased caution should be exercised when donating to charitable organizations.
Lindsay Kaye, director of operation outcomes at Recorded Future specifically called out the following domains as potentially dangerous:
- coronavirusstatus[.]space
- coronavirus-map[.]com
- blogcoronacl.canalcero[.]digital
- coronavirus[.]zone
- coronavirus-realtime[.]com
- coronavirus[.]app
- bgvfr.coronavirusaware[.]xyz
- coronavirusaware[.]xyz
What Can You Do?
- Phishing Emails / Social Engineering – Avoid opening attachments and clicking on links within emails from senders you do not recognize. These attachments can contain malicious content, such as ransomware, that can infect your device and steal your information. Be leery of emails or phone calls requesting account information or requesting you to verify your account. Legitimate businesses will never call you or email you directly for this information.
- Always independently verify any requested information originates from a legitimate source.
- Visit websites by inputting the domain name yourself. Business use encryption, Secure Socket Layer (SSL). Certificate “errors” can be a warning sign that something is not right with the website.
For more information or assistance in assuring your systems are not vulnerable, please contact your ATS Client Manager or the helpdesk at 703-876-2653 or [email protected].
References:
[0] https://www.secretservice.gov/press/releases/
[1] https://www.recordedfuture.com/
[2] https://www.forbes.com/sites/thomasbrewster/2020/03/12/coronavirus-scam-alert-watch-out-for-these-risky-covid-19-websites-and-emails/#42d7c9b01099
Working with ATS is a breath of fresh air. ATS takes our information security concerns seriously and advises us how to avoid potential pitfalls with both hardware and software. We are beyond thrilled with ATS and only wish we had selected them a year earlier.
Joseph A. Appelbaum
President & CEO, Potomac Companies, Inc.
ATS has been our trusted partner in recent upgrades we have made to our IT infrastructure and cyber security. Their account management, project management, and technical teams have all provided top-notch service, guiding us to make informed decisions, managing timelines for multiple projects, and most of all, listening to our needs and making recommendations based on our unique work environment. During the transitions, they have kept us operating smoothly and provided quick and helpful support through their Help Desk.
Amy Gavin
Nutrition.org
I just wanted to take a moment to reach out and thank you for the excellent service you and your team have provided with the hosted SIEM solution. AlienVault is great, but the real value comes from your partnership. The appliance would not do nearly as much for us without your monitoring and consulting services. You have always been on top of things and there for us whenever there is an incident. I feel confident in that our network is secure and I am able to report that our board and clients with full assurance.
Chris Hansford
EducationWeek.org