What they’re up to – the coronavirus edition

What they’re up to – the coronavirus edition

Everything you need to know about cybercrime in the time of coronavirus.

Due to the unusual circumstances that this pandemic has brought to the whole world, we want to bring you awareness of what cybercriminals are up to, so that our members and consumers at large stay informed and can protect their assets, identities, and privacy.

Insurance policies

This first notice is not about the virus per se, but something we still find very important to mention. If you have purchased a medical or travel insurance policy this year, there’s a big chance it won’t cover you for losses due to/care in case of a coronavirus infection. Please read the fine print before anything happens and look for a different type of policy if you need. If you wish to obtain a policy, we suggest you contact our partner’s World Coverage Network representative Boris Fernandez to inquire.

The fake PDF
A phone screen with lines of code. Cybercrime.

Experts from Malware Hunter Team have discovered a COVID-19 awareness scam that pretends to be from the World Health Organization. On a seemingly-legitimate WHO site there is a link to download a PDF called ‘MY-HEALTH.PDF’ that claims to contain everything one needs to know to stay protected from the coronavirus. When the consumer clicks to open the PDF, a window opens that has a background downloader-installer that infects with victim’s equipment with the very well-known Formbook malware. Formbook doesn’t just steal data; it also has a keylogger that copies all sorts of login credentials.

Other phishing attempts

There are numerous phishing emails targeting remote workers. One of these messages claims to be from an established insurance company and contains attachments related to the victim’s insurance and their medical coverage for coronavirus. Upon clicking, it installs data-stealing malware.

Fake COVID-19 spread maps

There have been over 1,000 cases in the past two weeks in the United States alone of consumers who, believing to be using interactive maps to view their local coronavirus infection’s reach, in reality installed various bits of identity-stealing malware on their devices.

If you wish to make a reliable follow-up of infections in the area, we suggest that you use maps belonging to or published by well-established sources such as Johns Hopkins University.

Warning from the United States Secret Service

The Secret Service warns of various types of scams having to do with the coronavirus: among them stand out those claiming to be non-profits looking for donations for specific victims, or COVID-19 research.

Man paying making an online payment with a card on a laptop. Cybercrime.

Several sources already identify a series of fake websites that have been linked with coronavirus victims donation scams:

  • canalcero[.]digital
  • coronavirusaware[.]xyz
  • coronavirus[.]app
  • coronavirusaware[.]xyz
  • coronavirus[.]zone
  • coronavirus-map[.]com
  • coronavirusstatus[.]space
  • coronavirus-realtime[.]com

Confirm the legitimacy of any non-profit or official website via a thorough online search. Additionally, beware of clicking any links before confirming that it’s a real organization by looking up that organization’s name and using their website’s official link. If you still don’t know for sure, use a free URL-checks site like URL VOId.

We will continue to bring you coronavirus-related cybercrime information as it happens. Meanwhile, stay healthy!

  • This field is for validation purposes and should be left unchanged.