如果我们必须指出关于当前冠状病毒危机的一件事,那就是:疫情的影响不再局限于我们的身心健康。对感染的恐惧与冠状病毒本身一样迅速蔓延,这不是一件好事。
在过去的几天里,人们对冠状病毒COVID-19 的(COVID-19)恐慌导致虚假新闻(fake news)和错误信息在社交媒体平台上传播。值得庆幸的是,由于与世界卫生组织(World Health Organization)( WHO )合作采取的举措, WhatsApp和Instagram等应用程序已经在阻止错误信息的传播。
可悲的是,恐慌导致了COVID-19 互联网诈骗、网络安全威胁和恶意活动的滋生地。在过去的几天里,我们报道了全球发生的大量以冠状病毒为主题的网络钓鱼诈骗(phishing scams)和恶意软件活动。
冠状病毒 COVID-19 骗局
在本文中,我们汇总了一些以冠状病毒为主题的最严重的在线诈骗(online scams)和影响用户的网络安全威胁的清单。
- 在家工作的工作清单和洗钱骗局
- 免费的 Netflix 订阅骗局
- 虚假的冠状病毒防病毒骗局
- 冠状病毒(Coronavirus)勒索软件和性勒索骗局
- 假的 COVID-19 跟踪网站
- 假应用
- “冠状病毒(Coronavirus)预防研讨会”骗局
- 冠状病毒医疗用品骗局
- 假冠状病毒疫苗网站。
1] 在家工作的工作清单和洗钱骗局
自冠状病毒爆发以来,办公室暂时关闭,数百万人被迫在家中远程工作(work remotely from their homes)。现在,黑客似乎瞄准了那些无法远程工作但仍在互联网上寻找工作的人——(Internet –)试图让他们陷入洗钱计划。
诈骗者以Vasty Health Care Foundation的名义,以帮助冠状病毒受害者为借口聘请在线客户服务代表。最有可能从某人的银行账户中被盗的钱将记入求职者的银行账户,后者最终会将其洗成加密货币。
在这个骗局中,您本身可能不是这个骗局的受害者。但是你在帮助一个罪犯,这同样是不道德和有害的。
2] 免费的 Netflix 订阅垃圾邮件
一条承诺在冠状病毒爆发期间提供免费Netflix订阅的垃圾邮件正在通过社交媒体和 IM 应用程序传播。尽管有许多网站为用户提供免费、不受限制的优质服务访问,以鼓励社交距离,但Netflix并不是其中之一。
要求用户在netflix-usa.net上注册。远离它!
诈骗者还要求受害者与 10 位朋友分享信息,以便在家庭隔离期间使用免费的Netflix通行证。它只是最大限度地扩大垃圾邮件的范围,这可能会影响更多用户。
阅读(Read):如何避免网络钓鱼诈骗(How to Avoid Phishing Scams)。
3] 假冠状病毒防病毒骗局
网络犯罪分子试图以提供冠状病毒防病毒软件为借口,诱使用户安装远程访问木马 (RAT)(Remote Access Trojan (RAT))和其他窃取数据的恶意软件。Malwarebytes发现了一个网站antivirus-covid19[.] 网站(antivirus-covid19[.]site),该网站承诺保护用户免受实际COVID-19病毒的侵害。安装此伪造的“防病毒”应用程序后,您的计算机将感染恶意软件。这就是黑客利用冠状病毒恐慌获利的程度。
如今,以冠状病毒为主题的(Coronavirus-themed)恶意软件的分布正在增加。最近,我们讨论了黑客利用冠状病毒恐慌攻击电子邮件地址并使用恶意电子邮件附件安装不同RAT恶意软件的事件。(RAT)为了(Just)安全起见,建议您遵循这些恶意软件预防提示(malware prevention tips)。
4]冠状病毒(Coronavirus)勒索软件和性勒索骗局
勒索软件攻击者(Ransomware attackers)正在寻找从持续的冠状病毒恐慌中受益的方法。最近,一个伪装成冠状病毒跟踪应用程序的恶意软件应用程序触发了对受害者智能手机的勒索软件攻击。
更糟糕(Bad)的是,我们还看到攻击者还威胁说,如果受害者拒绝付款,就会泄露受害者的私人照片和视频。好消息是,防止人为勒索软件攻击是可能的。同时,您可以下载这本电子书来保护您和您的公司免受勒索软件攻击。
5]假应用
在某些情况下,黑客会劫持路由器DNS设置,并将受害者重定向到恶意网站,以推广来自WHO等知名组织的应用程序。然后这些网站会推送与冠状病毒相关的恶意应用程序。
(Install)仅从Microsoft、Android或Apple官方(Apple) 商店(Stores)安装正版应用程序。
6] 假 COVID-19 跟踪网站
有一些真正的冠状病毒 COVID-19 跟踪网站。但是,用户似乎常常对信任哪个网站感到困惑。结果,这些天来,虚假的冠状病毒跟踪服务变得非常普遍。这些不受信任的应用程序和网站经常将用户锁定在他们的设备之外,并持有他们的数据以勒索赎金。
7]“冠状病毒预防研讨会”网络钓鱼诈骗
自冠状病毒爆发以来,医护人员(Healthcare)正承受着巨大的压力。不幸的是,攻击者甚至试图诱骗医护人员上当受骗。最近,攻击者被发现说服医护人员参加免费的冠状病毒预防研讨会。
实际上,这个所谓的“冠状病毒预防研讨会”只不过是一个网络钓鱼骗局,它始于一封虚假的电子邮件。该电子邮件包含一个网页链接,该网页看起来像Outlook Web应用程序,并敦促用户输入他们的登录凭据。输入用户名/电子邮件和密码后,用户的登录凭据将立即被泄露。
微软(Microsoft)已经在打击此类以冠状病毒为主题的网络钓鱼活动。但是,您需要格外小心此类网络钓鱼攻击。
8]冠状病毒医疗用品骗局
不用说,持续的冠状病毒爆发正在影响全球用户。因此,疫情爆发后可能会出现医疗供应短缺,黑客已经在利用这种情况为自己谋利。
一些提供令人难以置信的折扣的可疑网站已经建立,接受通过PayPal和比特币(Bitcoin)付款。这些完全是由诈骗者运营的虚假网站,其唯一目的是通过在收到付款后故意不处理他们的订单来欺骗受害者。
9] 伪造的 COVID-19 疫苗网站
美国司法部(US Department)( DOJ ) 警告用户(Justice)不要(DOJ)使用承诺从世界卫生组织(World Health Organization)( WHO )运送免费冠状病毒的网站。您需要做的就是支付 4.95 美元来支付运费。这只不过是一个你应该远离的骗局。但是,目前没有合法的 COVID-19(COVID-19)疫苗可用,世卫组织(WHO)也没有分发任何此类疫苗。
这些骗局和攻击背后的主要原因是关于疫情的错误信息。如果您在网上遇到任何此类骗局,请务必向有关部门报告。
阅读下一篇(Read next): PC 用户的安全计算技巧、实践和习惯(Safe Computing Tips, Practices and Habits)。
Coronavirus COVID-19 Phishing, Scams, Frauds and Schemes
If we have to point out one thing about the ongoing coronavirus crisis, it’s this: The impact of the outbreak is no longer limited to our physical or mental well-being. The fear of the infection is spreading as fast as the coronavirus itself, which is not a goоd thing.
Over the last few days, the coronavirus COVID-19 panic among people has resulted in the rise of fake news and misinformation spreading on social media platforms. Thankfully, apps like WhatsApp and Instagram are already preventing the flow of misinformation, courtesy of initiatives in partnership with the World Health Organization (WHO).
Sadly, the panic has resulted in a breeding ground for COVID-19 Internet scams, cybersecurity threats, and malicious activities. Over the last several days, we have covered numerous coronavirus-themed phishing scams and malware activities taking place all across the globe.
Coronavirus COVID-19 scams
In this article, we have compiled a list of some of the worst coronavirus-themed online scams and cybersecurity threats affecting users.
- Work-from-home job listing and money laundering scam
- Free Netflix subscription scam
- Bogus coronavirus antivirus scam
- Coronavirus ransomware & sextortion scam
- Fake COVID-19 tracking website
- Fake apps
- ‘Coronavirus prevention seminar’ scam
- Coronavirus medical supply scam
- Bogus coronavirus vaccine website.
1] Work-from-home job listing & money laundering scam
With offices temporarily shut down since the coronavirus outbreak, millions of people are forced to work remotely from their homes. Now, hackers seem to be targeting those who were unable to resort to working remotely and are still looking for a job on the Internet – trying to trap them into money laundering schemes.
Scammers, under the name of the Vasty Health Care Foundation, are hiring online customer service representatives in the pretext of helping coronavirus victims. The money most likely stolen from someone’s bank account would be credited in the job seeker’s bank account, who would ultimately launder it into cryptocurrency.
In this scam, you may not be a victim in this scam per se. But you are helping out a criminal, which is equally immoral and detrimental.
2] Free Netflix subscription spam
A spam message promising to offer free Netflix subscription during the coronavirus outbreak is spreading via social media and IM apps. Although there are many websites out there that are providing users with complimentary, unrestricted access to premium offerings, to encourage social distancing, Netflix isn’t one of them.
Users are asked to register at netflix-usa.net. Stay away from it!
Scammers also ask victims to share the message with 10 friends to avail the free Netflix pass during the home quarantine. It simply maximizes the reach of spam, which is likely to affect more users.
Read: How to Avoid Phishing Scams.
3] Bogus coronavirus antivirus scam
Cybercriminals are trying to trick users into installing Remote Access Trojan (RAT) and other data-stealing malware in the pretext of offering coronavirus antivirus. Malwarebytes found a website antivirus-covid19[.]site that promises to protect users against the actual COVID-19 virus. Upon installing this bogus ‘antivirus’ application, your computer will be infected with malware. This is the extent to which hackers are cashing in on the coronavirus scare.
A distribution of Coronavirus-themed malware is on the rise these days. Recently, we discussed an incident where hackers were caught using coronavirus scare to target e-mail addresses and install different RAT malware using malicious email attachments. Just to be on the safe side, you are recommended to follow these malware prevention tips.
4] Coronavirus ransomware & sextortion scam
Ransomware attackers are finding ways to benefit from the ongoing coronavirus scare. Recently, a malware application disguised as a coronavirus tracking app triggered a ransomware attack on the victim’s smartphone.
Bad to worse, we have also seen attackers also threatening to leak the victim’s private photos and videos if he or she victim refuses to pay money. In good news, preventing human-operated ransomware attacks is possible. Meanwhile, you can download this e-book to defend yourself and your company against ransomware attacks.
5] Fake apps
In some cases, hackers are hijacking router DNS settings and redirecting victims to malicious websites promoting apps from reputed organisations like WHO, etc. These sites then push malicious coronavirus related apps.
Install genuine apps only from the official Microsoft, Android or Apple Stores.
6] Fake COVID-19 tracking website
There are some genuine coronavirus COVID-19 tracking websites. However, users often seem confused about which website to trust. As a result, fake coronavirus tracking services have become extremely common these days. These untrusted apps and websites often lock users out of their devices and hold their data to ransom.
7] ‘Coronavirus prevention seminar’ phishing scam
Healthcare workers are working under extreme pressure since the coronavirus outbreak. Unfortunately, attackers are even trying to trick healthcare workers into falling for scams. Recently, attackers were caught persuading healthcare workers into taking a free, coronavirus-prevention seminar.
In reality, this so-called ‘coronavirus prevention seminar’ is nothing but a phishing scam, which starts with a fake email. The email comprises a link to a webpage that looks like an Outlook Web app and urges users to enter their login credentials. Upon entering their username/email and password, users will have their login credentials compromised in no time.
Microsoft is already been cracking down on such coronavirus-themed phishing campaigns. However, you need to be careful extra careful about such phishing attacks.
8] Coronavirus medical supply scam
Goes without saying, the ongoing coronavirus outbreak is affecting users across the globe. As a result, there may be a medical supply shortage in the wake of the outbreak and hackers are already exploiting the situation to their advantage.
Some dubious websites offering unbelievable discounts have been set up, accepting payments via PayPal and Bitcoin. These are completely fake websites run by scammers whose only purpose is to dupe their victims by intentionally failing to process their orders upon receiving the payment.
9] Bogus COVID-19 vaccine website
The US Department of Justice (DOJ) is warning users against websites promising to ship free coronavirus from the World Health Organization (WHO). All you need to do is pay $4.95 to cover shipping costs. It’s nothing but a scam you should stay away from. However, there are no legitimate COVID-19 vaccines currently available and the WHO is not distributing any such vaccine.
The main cause behind these scams and attacks is the misinformation about the outbreak. If you come across any such scam online, make sure to report it to relevant authorities.
Read next: Safe Computing Tips, Practices and Habits for PC users.