Coronavirus Cyber Scams are on the Rise

Organizations continue to increase remote workforces and leverage technology as they navigate the challenges of maintaining business as usual during the current COVID-19 pandemic. But as the amount of people working from home increases, so does the inherent cybersecurity risks associated with remote connectivity. Studies have shown that remote workers spend more time online, which means a higher exposure to attacks. Pair the increased exposure to the fact that they are most likely using an employer provided device with network access and you can see why cyber-attacks and scams are trending up.

The recent attack targeting the World Health Organization (WHO) illustrates how hackers are modifying their attacks to take advantage of remote workforces. The group targeting WHO did their homework, creating a URL that mirrored the online portal to the WHO internal file system, replicating the user experience of logging on to the network from home with the hope end users would log on to the bogus portal. While this attack was prevented, this same group has gone after the United Nations and major universities, and is prime example of how cyber criminals are adjusting their strategies to the “new normal”.

In addition to the increased targeting of remote workforces, cyber criminals are taking full advantage of the COVID-19 pandemic. The ugly truth is whenever there is an emergency, scammers will use the uncertainty and concern of the public to their advantage and it’s no surprise that tens of thousands of domains containing the words coronavirus and/or COVID-19 were purchased dating back to January for what can be assumed as criminal purposes. In response to the rise in COVID-19 fraud reports, the FBI issued a public service announcement (Alert I-032020-PSA) outlining schemes including:

  • Fake CDC Emails – Emails claiming to be from the Centers for Disease Control and Prevention (CDC) or other “official” entities offering information on the virus through links or attachments. 
  • Malicious Websites and Apps – Websites and mobile apps that claim to track COVID-19 cases were one of the first reported malware scams, with the most talked about malware replicating the John Hopkins coronavirus tracker of global infection rates and deaths. 
  • Phishing Emails – These emails are on the rise with the recent CARES Act, be wary of emails asking for personal information in exchange for stimulus check information, as well as charitable contributions, financial relief options, airline vouchers, and rent/mortgage assistance. 
  • Counterfeit Products – Material hoarding has created opportunities for scammers to sell counterfeit products that claim to prevent, treat, diagnose, or cure COVID-19 including hand sanitizers, personal protective equipment, and medicine.

The full alert is available online at https://www.ic3.gov/media/2020/200320.aspx.

Additionally, the Better Business Bureau has published an alert warning consumers of the first COVID-19 smishing (fraudulent texts) campaign. Scammers are texting under the guise of the federal government with instructions to register for a mandatory COVID-19 tests. The alert provides important instructions on what to do if you receive the text including not clicking and not responding to instructions on disabling the texts (this confirms the number is active for scammers).

The full alert is available online at https://www.bbb.org/article/news-releases/21903-scam-alert-mandatory-covid-19-test-texts-are-a-scam.

Best Practices

As the old adage goes, the best offense is a good defense, and now is as good a time as ever to share best practices and resources to protect your end users from falling victim to an attack. In addition to our recent article, Cybersecurity Best Practices for Working from Home amid the COVID-19 Pandemic, the Schneider Downs Cybersecurity team advises the following common ways to identify a phishing threat:

  • Too Good to be True – Usually the email will include some type of draw that will grab your attention. In the case of the latest scam, a mention of tax savings would be eye-catching.
  • Sense of Urgency – There is usually an expiration date on the aforementioned draw or a warning that you will be locked-out from the online account if the matter is not addressed within a certain period of time.
  • Bogus Hyperlinks – While they can appear to lead to a legitimate website, a bogus hyperlink could actually contain only a slight change or variation that will lead you to a fake website or to download a malicious file.  
  • Phishy “From” Addresses – The email address of the sender can easily be spoofed in a similar way to a bogus hyperlink. We recommended that you hover over the address to check for errors or variations in spelling or formatting. 
  • Email Tone – It is also important to consider the tone of the email. If it appears to be from a sender that you know, is their pattern of language and email signature consistent with previous correspondence? If it seems out of the ordinary, don’t open the email.
  • Attachments – Any attachment should warrant additional scrutiny. It is prudent to never open unsolicited attachments. If you use password-protected PDFs frequently, the Schneider Downs Cybersecurity Team reminds you to refrain from including your password in the email message.
  • Unusual requests – Many phishing schemes will prompt the reader to send gift cards, cashier’s checks, money orders etc. This should be a red flag that the request is not legitimate.

Download our How to Avoid COVID-19 Scams infographic to keep security awareness top-of-mind during this pandemic.

How Can Schneider Downs Help?

The Schneider Downs cybersecurity practice consists of experts in multiple technical domains. We offer a comprehensive set of information technology security services including penetration testing, intrusion prevention/detection review, vulnerability assessments, and a robust digital forensics and incident response team. For more information, visit www.schneiderdowns.com/cybersecurity or contact us at cybersecurity@schneiderdowns.com.

Please visit our Coronavirus resource page at schneiderdowns.com/our-thoughts-on/category/Coronavirus for related content.

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at contactSD@schneiderdowns.com.

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2020 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on

OMB Issues Final 2020 Compliance Supplement
Distance Education Program Compliance Requirements and COVID-19
COVID-19: The Long Road to Recovery
Ransomware Postpones First Day of School for Hartford Students
Could your PPP loan affect the sale of your business?
CARES Act Summary of Key Provisions Impacting 401(k) Retirement Plans

Register to receive our weekly newsletter with our most recent columns and insights.

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us

contact us

Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

contactsd@schneiderdowns.com
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

contactsd@schneiderdowns.com
p:614.621.4060     f:614.621.4062

Map of Washington Office
Washington, D.C.

1660 International Drive, Suite 600
McLean, VA 22102