Phishing scams related to COVID-19 are becoming more targeted and sophisticated with scammers moving beyond common themes to novel ones like unemployment, welfare benefits, and stimulus packages.
The COVID-19 pandemic has not only exposed humanity to a new viral strain that is claiming hundreds of thousands of lives across the world but has also destroyed economic progress, crippled the movement of people and goods, and impacted people's means of livelihood.
Millions of people, even those in economically well-off regions, are now worried about whether they will be able to retain their jobs or find new ones, whether they will receive welfare benefits on time, whether their destroyed businesses will ever recover, or whether they will survive the pandemic.
With COVID-19 related lockdowns restricting people to their homes, people are using the Internet more than ever to connect with their loved ones, to do business, and to search for information about the pandemic and other areas of interest. This very trend has attracted online scammers who are experienced in exploiting people's curiosities and fears to win their trust and rob them of their privacy and money.
A quarter of COVID-related domains are malicious or suspicious
A recent study conducted by ProPrivacy in partnership with VirusTotal and WHOIS XML has revealed that scammers are not only leveraging the COVID-19 pandemic to launch new phishing scams, but also resorting to new tricks and techniques to increase the success of their operations.
For instance, while phishing campaigns were initially crafted around the availability of masks, testing kits, and information about the pandemic, many new phishing campaigns have emerged that are based on genuine concerns such as unemployment, welfare benefits, and stimulus packages.
“It would be easy to look at the overall trend and conclude that phishing activity related to the pandemic has simply fizzled out, but that’s not an accurate assessment. These malicious campaigns have moved underground and are now addressing our most intimate concerns. When will my children return to school? Will I lose my job? It is these - truly human - questions that will fuel the 'second peak' of malicious activity. This is the next battlefront in the digital pandemic,” said Sean McGrath, lead researcher on the project.
The researchers observed that as many as 1,200 COVID-related domains are getting registered every day and around a quarter of them are either malicious or suspicious. Out of a sample of 600,000 COVID-19 related domains, they identified more than 125,000 domains labeled as malicious, the vast majority of which are used for phishing activity.
A recent study by Computer Disposals revealed that only 5% of the British public can accurately detect a phishing scam and differentiate between a genuine email and a scam email. Such being the case, the success of phishing scams leveraging genuine concerns related to the pandemic is almost guaranteed.
How can Internet users fight COVID-19 phishing scams?
According to ProPrivacy, Internet users must stop believing incoming emails and messages at face value. Any email or message trying to create urgency or asking recipients to share their personal information must be treated with utmost caution.
At the same time, Internet users should not trust website URLs that are shortened, should not trust sites just because they have the 'safe' padlock symbol or use SSL (https), and should always double-check before clicking.
Internet users in the UK can also report suspicious emails to the National Cyber Security Centre by emailing the watchdog at firstname.lastname@example.org. NCSC launched its ‘Suspicious Email Reporting Service’ in April to allow citizens to report fake, fraudulent, and suspicious emails, including those that offered coronavirus-related services.
In May, NCSC said that in the two weeks since the launch of the Suspicious Email Reporting Service, the British public flagged over 160,000 suspicious emails, many of which were fake offers of testing kits and face masks. Thanks to active reporting, the government's cyber security experts were able to trace and take down over 300 bogus websites.
“This really is a phenomenal response from the British public. I would like to thank them for embracing our reporting service as well as the many organisations which have promoted it,” said Ciaran Martin.
“While cyber criminals continue to prey on people’s fears, the number of scams we have removed in such a short timeframe shows what a vital role the public can play in fighting back. I would urge people to remain vigilant and to forward suspect emails to us. If it looks too good to be true, it probably is,” he added.