Steer Clear of These Malicious COVID-19 Scams
Are you confident that the cybersecurity measures you have in place will protect your organization? Maintain consistent operations and exceptional security with tips from IT experts.
As Australia deals with the coronavirus outbreak, businesses are now having to fight the pandemic on two fronts. One is the spread of the disease in the community. The other is the increase in malicious COVID-19 scams. Scammers are using the spread of the coronavirus to capitalize on the fears of consumers across Australia.
Since the onset of the coronavirus, there has been a significant increase in COVID-19-themed malicious cyber activity across Australia. The Australian Cyber Security Centre (ACSC) and the Australian Competition and the Consumer Commission’s (ACCC) Scamwatch, reports they have received over 140 reports from individuals and businesses across Australia all related to COVID-19 themed scams and phishing activity. The ACSC has noticed thousands of COVID-19 websites have been set up over the past few weeks. While many of these are legitimate, many are being created by malicious scammers looking to exploit unexpecting Australians.
Common Malicious COVID-19 Scams
Phishing Activity
Phishing is a cybercrime where scammers target individuals and businesses by email, telephone, or text message. They lure individuals into giving out their personal information, such as bank accounts, passwords, and credit card numbers. The data is used by scammers to access important accounts and can result in identity theft and financial loss.
Emails and SMS Texts Imitating Trusted Organizations
Scammers have been imitating trusted organisations such as the World Health Organization and the Department of Health. They send out SMS phishing messages offering where to get tested for COVID-19 or how to protect yourself. Some of these scam messages use the sender information myGov appearing in the same conversation threads as the previous SMS you may have received from myGov.
Attacking the Early Release of Superannuation
There has been a recent increase in scammers taking advantage of the government’s recent announcement that people who are facing financial hardship can have partial access to their superannuation from mid-April. These cybercriminals cold-call people were claiming to be from organizations to help them get early access to their super. The Australian Tax Office (ATO) is coordinating the early release of superannuation through myGov, so there is no need to involve a third party to get access as these scammers will lead you to believe.
Phishing Emails Containing Malicious Attachments
A phishing email is sent pretending to be from the World Health Organization and prompts you to open an attachment for advice on safety measures to prevent the spread of COVID-19. When the email is opened, the attached file contains malicious software that automatically downloads onto your device, providing the scammer with ongoing access undetected.
COVID-19 Relief Payment Scam
Cybercriminals are now sending phishing emails to Australians seeking help with relief efforts or providing financial assistance for Aussies that find themselves out of work. The email offers recipients $2,500 in ‘COVID-19 assistance payments’ if they complete an attached application form. Opening the attachment might download malicious software such as malware and ransomware. Malware and ransomware trick you by installing software to access your files and personal data held on your computer.
Video-Conferencing Scams
With many people now working remotely from home, the use of video conferencing has increased exponentially since the outbreak of coronavirus. The daily number of Zoom meeting participants reached over 200 million in March 2020, compared to 10 million in December 2019 as people turn to the platform as a means of staying connected during the COVID-19 outbreak. Because it’s being used by many people working remotely for the first time, these video calls are prime targets for cybercriminals.
According to data from cybersecurity company BrandShield, the number of domains containing the word ‘Zoom’ has increased dramatically since the onset of this pandemic. As many as 2,200 new ‘Zoom’ domains were registered in March alone, taking the total to over 3,300. Cybercriminals send phishing emails containing links to phoney login pages to steal usernames and passwords.
While there are plenty of ways that hackers are attempting to gain access to your business systems and personal information, there are some common-sense measures that you can take to stay safe.
Staying Safe
- Be cautious with emails and files received from unknown senders, especially if they are offering exclusive deals or discounts.
- Don’t open unknown attachments or click on links within emails.
- Beware of lookalike domains, spelling errors in emails and websites, and unfamiliar email senders.
- Never follow a hyperlink to the myGov website, always type the full name of the website into the browser yourself.
Are you doing enough to protect yourself against cybercriminals? If you are unsure how secure your network is, speak to an expert at Sydney Technology Solutions today by calling 02-8212-4722 or via email to [email protected]. Our IT experts work with organizations of all sizes to ensure you have the tools and training needed to maintain a high level of security and efficiency within your business network at all times.
