The current COVID-19 pandemic has negatively affected every single facet of our lives. However, cybercriminals seem to be thriving. Since the start of the epidemic in early 2020, the number of phishing scams that use the COVID-19 theme has increased immensely, and it’s having serious effects on the world economy.
Phishing is by no means new. Scammers have been using it since the early days of the internet, and it seems to evolve incredibly quickly. Researchers from both the US and the UK have looked into these recent attacks. As they suspected, the primary platform for coronavirus phishing seems to be emails, both private and public.
Financial Institutions a Primary Target
Cybercriminals in 2020, a lot of whom seem to be active via dark web urls, seem to be focusing their attention on various financial institutions. In fact, some of the highest-rated banks were hit by these attacks recently, including HSBC, Moneygram, World Bank, and Standard Chartered.
New Scamming Trends
In the past two months alone, over 42.9% of emails that mentioned the coronavirus were marked as malicious or suspicious. That is an alarmingly high number of potential scams that are taking advantage of the epidemic. More often than not, a suspicious email will contain a link that you need to click on. Other times, it will have an attached, downloadable file. Each email would frequently claim to come from reputable health agencies like the WHO. Usually, they will ask you to provide a financial donation.
But it doesn’t end there. Scammers will also phish users by claiming to offer updates about the virus. Some of the most notorious examples include:
- Claiming to have the latest cure or vaccine for the virus
- Posting fake updates on the evolution of the virus
- Posting fake data about the virus and the number of victims
- Claiming to offer pandemic food distribution
- Claiming to have the latest info on office closures and quarantine protocols
- Stating that they can handle your FedEx packages
In addition to all that, the scammers are using the temporary export/import ban on goods to their advantage. Moreover, they will target any financial institution that offers relief funds.
Calculating the Losses
The Federal Trade Commission has looked into the losses related to coronavirus email scams. In total, more than $22 million went directly to these scammers. The FTC based this number on over 22,000 consumer complaints about COVID-19 email frauds.
The United Kingdom isn’t faring any better, either. Online consumers in the UK lost roughly £2 million, or $2.5 million, to phishers. In addition, more than £17 million, or $21.3 million, was lost on online shopping scams. With the current financial crises worldwide, these losses are a heavy economical blow to both the US and the UK.
During a crisis, criminals usually profit the most, and cybercrime is no different. So, in order to avoid being the victim of an email attack, follow these simple steps:
- When you get a COVID-19 email from an address you don’t recognize, don’t click on any links inside of it
- Try to verify the link in a private window or simply hover over it with your mouse
- Block the address if the email seems suspicious
- Don’t click on any files with these extensions: .zip, .exe, .rar, .img, and .slk.