Criminals Trick People with COVID-19 Related Topics
The COVID-19 outbreak has provided cybercriminals with plenty of material to attract new victims. News headlines have changed with the progression of the pandemic and people are naturally drawn to COVID-19 related headlines. The latest of these is around news about the vaccine.
Cybercriminals often use headlines from current events to trick people into clicking on a link or opening an email attachment. Links can lead to websites that spread malware that can allow access to unauthorized users. Infected attachments can install malware that can also allow access or launch cyber-attacks like ransomware.
One common misconception is that if you have an anti-virus program installed on your computer, you are safe from attacks. Anti-virus software is still an important security layer that every computer should have, but there are many factors to why it may not stop all threats.
Cybercrime is often conducted by organized crime rings, nation-states, and other groups. It can be a lucrative business, and these groups are often well funded and employ skilled hackers to continually develop new malware. Many new versions of malware will go undetected by anti-virus programs until the malware is discovered and the anti-virus program is updated.
It is very much like COVID-19. It took a while to develop a vaccine, and it will take a while to get everyone vaccinated. Fortunately, in the cyber world, the vaccine for new viruses and other malware comes out quickly and can be delivered in an instant through an update. This is one reason why updates are so important. If your anti-virus software is not up-to-date, it could be susceptible to a new virus or other malware.
Other Tactics that Anti-Virus Software May Not Catch
In recent years, hackers have been using a strategy to steal login credentials (user names and passwords). A phishing email used for this purpose often explains that an attachment is a “secure” document. A login screen that mimics a popular login window like Microsoft or Google appears when you open the attachment. The thief steals the login information and gains access to the account when the credentials are entered.
The hacker then uses that email account to redirect payments or further spread the attack to all the contacts available. Anti-virus programs often will miss this type of attack because no malware exists in the attachment.
The crooks will also clean up any evidence of their activity by deleting sent emails and redirecting responses to the junk folder. This method allows the crook to act as you via email and can go undetected for a long time.
Imagine if you received an email that appeared to come from the CDC, your County Health Department, or other trusted source of health information. There is an attachment that the email describes as your application to sign up for the COVID-19 vaccine. Would you open it? If you do without determining if it is legitimate or not, you could fall victim to a cyber attack.
Do not rely completely on anti-virus, spam filtering, or other security products to completely guard your safety online. You are often the last line of defense against attacks that use email to target their victims.
Be very cautious of any email that contains links or attachments. If you receive one, confirm with the sender that they sent it and what it contains. Do not do this via email because you could be conversing with a hacker who has hi-jacked the account. Instead, call them on the phone to verify the email or simply delete it. It is better to assume the worst until you know for certain that an email came from a trusted source.
Lastly, be aware that cybercriminals will try to manipulate your actions by adding urgency or using subject lines that stir your emotions. Millions of times each day, hackers are sending phishing emails containing words like COVID-19, coronavirus, or vaccine to take advantage of people’s concerns.