Literally every Professional body that I have subscribed to are sending me caring emails on how to stay safe during the Coronavirus (#Covid-19) outbreak. Whilst I trust those Organisations, one cannot rule out Phishing attacks (Email Spoofing). How does one trust them?
As a matter of fact, there are multiple malicious Covid-19 related Android Apps (Trojans) that have been reported by Open source Threat intelligence feeds (Source: AlienVault), these apps gather personal information (harvesting personal data) and most often creates a backdoor into your mobile devices and eventually leading into a financial loss. There are some Ransomware campaigns around that are targeting hospitals and medics who are under paramount stress treating coronavirus patients.
Fraudsters are one of the biggest Opportunists and the recent circumstances provide a perfect opportunity to capitalise on Human Emotions (Anxiety, Fear, Sadness) and expose People via different Social Engineering techniques. People are also getting text messaging (Smishing) warning them about the Pandemic and asking them to stay safe. These messages are spoofed as sent by Local Councils, Government bodies etc. comforting people to stay safe (winning Trust) and asking them to click a link for more details. Once the targeted people click through, the control is handed over to the fraudsters and then the rest becomes history.
One cannot forget the threats posed (away from Digital world) into the Physical world i.e., on the streets or at your door steps. Imagine people posing as volunteers for Covid-19 campaign, selling masks, or hand sanitisers etc. and barging into your houses? That’s nasty, so one has to verify their authenticity if they were expecting them at their door steps.
How do I protect myself?
General advice to protect against Social Engineering – It’s best not to click on the links in the Phishing emails or SMS or don’t install untrusted mobile apps. Identify email sender, if the email is addressed generically without specifying your name then it’s highly likely that it’s a Phishing campaign, hover over the links to check the URL/domain.
Ransomware help – There are some Software companies that have come forward to help the Medical research teams that are impacted by Ransomware and get them online as soon as possible ( Reference -Computer Weekly)
Right mindset – Moreover, you need to have the right mindset. To me, the solution lies within, you need to learn to manage your emotions in such times – talk to family, friends, colleagues and look at the brighter side. And what’s better than using your time and resources well to pursue your hobbies. Practice Self-control (not falling victims to the malicious campaigns) and let’s not expose ourselves in these vulnerable times. Right now not only stick to the basics of Social distancing but also learn distancing from malicious campaigns, emails or messages.
StaySafe!
Cyber Vyber 
Leave a comment