AskCyberSecurity.com

Cyber Security News & Information

Don’t Fall for These Pandemic Scams

2020-05-04 by Michelle Dvorak

FBI Issues Warning About Targeted Email Phishing Attempts

The US Federal Bureau of Investigation (FBI) issued a FLASH alert regarding targeted email phishing attacks. These phishing emails attempt to steal user login credentials and infect computer systems. They may contain malware disguised as email attachments or direct the user to a harmful website. The attacks stem from numerous scammers and hackers, as well as state-sponsored Advanced Persistent Threat (APT) groups.

Cyber security researchers, the FBI, and other law enforcement agencies have identified numerous COVID-19 scams. These email phishing campaigns contain malicious file attachments and cloaked URLs that lead to spoofed websites. The attacks play upon people’s fears and concerns stemming from the COVID-19 pandemic. These attacks first appeared as imposter scams in Asian countries. The contents of the emails often claim that the attachments are official notices informing the recipient of a nearby outbreak. Some of them even contained slightly helpful information.

The FBI alert was forwarded by the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC).

Scammers, hackers, and nation-state Advanced Persistent Threat (APT) groups are using COVID-19 themed cyber attacks to steal credentials, money, and financial information. The attacks usually contain wording and/or email attachments that appear to be helpful healthcare data, pandemic information, and official notices. The emails, attachments, and malicious websites may be crafted to look exactly like official government websites. The scams may also be designed to look like official communications from the World Health Organization, the US Center for Disease Control, or any number of health organizations across the globe.

Early COVID-19 themed phishing campaigns began in areas where the pandemic started and followed its spread across the globe. Scammers use scare tactics or a sense of urgency to trick the recipient into downloading email attachments that contain malware. The reader may also be urged to click on a link in the body of the email. The link leads them to a malicious website (like those listed at the end of this article). These websites steal user credentials and sensitive data, which results in monetary theft or identity theft.

The phishing emails attempt to steal online account credentials like Microsoft Office 365 accounts, email passwords, video conferencing service logins, or financial account information. The content of the emails is designed to frighten the recipient into clicking on links that send them to malicious websites. The websites supposedly require authentication to proceed. If the user enters any information, the hackers harvest it. The victim is then redirected to an official website like the World Health Organization’s (WHO) Coronavirus information page, so they do not suspect anything is amiss.

Nation-state sponsored hackers are responsible for many of these targeted phishing campaigns. Attacks of this type are generally targeted at large corporations, critical infrastructure, political organizations, and high-profile people. APT groups typically steal money to fund other activities for their sponsoring nations. They may also steal sensitive corporate data, trade secrets, and conduct espionage on behalf of their sponsor.

Numerous attacks have surfaced since the beginning of the pandemic. The overall number of attacks doesn’t necessarily increase during catastrophes. There are only so many hackers and resources out there. Hackers turn their efforts to exploiting world news events, natural disasters, and high-profile crises to quickly trick people into giving up money, credit card numbers, login information, and other sensitive data. The hope is that if they launch cyber attacks quickly, they can profit from a successful campaign.

This FLASH alert was released as Traffic Light Protocol (TLP): WHITE and was coordinated with DHS CISA.

Example Malicious Filenames

Like many phishing email scams, the malicious email attachments contain misspellings which can help identify them. The files are intentionally named using COVID-19 wording to trick the recipient of the phishing email into trusting that the file contains helpful information related to

• Covid-19_zip.bin
• COVID-19.rar
• Attachments-Fwd_ Proforma for COVID-19.zip
• COVID-19 WHO RECOMENDED V.gz
• COVID-19 WHO RECOMENDED V.exe
• Covid 19 Immunity Tips (2).zip
• zbetcheckin_tracker_COVID-19.jar
• AWARENESS NOTICE ON CORONAVIRUS COVID-19 DOCUMENT_pdf.exe
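
The traits visible in these filenames (pandemic wording, and a document-type token such as `_pdf` or `_zip` placed directly before an executable extension) can be checked when attachments are triaged at a mail gateway. The sketch below is an added example, not part of the FBI alert or the original article; the extension sets, the function names `triage_attachment` and `verdict`, and the block/review policy are assumptions chosen for illustration.

```python
import re

# Assumed policy sets for illustration; tune to your own mail gateway.
EXECUTABLE = {".exe", ".jar", ".bin", ".scr", ".js", ".vbs"}
ARCHIVE = {".zip", ".rar", ".gz", ".7z"}
LURE = re.compile(r"covid|corona", re.IGNORECASE)
# A document/archive type written at the end of the stem, e.g. "_pdf" in "_pdf.exe".
DOC_TOKEN = re.compile(r"[._ -](pdf|docx?|xlsx?|zip|rar)$", re.IGNORECASE)

# Filenames copied from the list in this article.
PAGE_FILENAMES = [
    "Covid-19_zip.bin",
    "COVID-19.rar",
    "Attachments-Fwd_ Proforma for COVID-19.zip",
    "COVID-19 WHO RECOMENDED V.gz",
    "COVID-19 WHO RECOMENDED V.exe",
    "Covid 19 Immunity Tips (2).zip",
    "zbetcheckin_tracker_COVID-19.jar",
    "AWARENESS NOTICE ON CORONAVIRUS COVID-19 DOCUMENT_pdf.exe",
]

def triage_attachment(name):
    """Return the list of reasons an attachment filename looks suspicious."""
    stem, dot, ext = name.rpartition(".")
    if not dot:                      # no extension at all
        stem, ext = name, ""
    ext = "." + ext.lower() if dot else ""
    reasons = []
    if LURE.search(name):
        reasons.append("lure-keyword")
    if ext in EXECUTABLE:
        reasons.append("executable-extension")
        if DOC_TOKEN.search(stem):   # real type hidden behind a document-like name
            reasons.append("disguised-type")
    elif ext in ARCHIVE:
        reasons.append("archive-extension")
    return reasons

def verdict(name):
    """Assumed policy: block executables, review lure-named archives, allow the rest."""
    reasons = triage_attachment(name)
    if "executable-extension" in reasons:
        return "block"
    if "lure-keyword" in reasons and "archive-extension" in reasons:
        return "review"
    return "allow"

if __name__ == "__main__":
    for filename in PAGE_FILENAMES + ["Q2 budget.xlsx"]:  # last name is a constructed benign sample
        print(f"{verdict(filename):6}  {triage_attachment(filename)}  {filename}")
```

Filename checks only catch lazy naming; archives marked for review still need their contents inspected, since the name says nothing about what is inside.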

Associated Malicious Websites



About Michelle Dvorak

Michelle writes about cyber security and data privacy, focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers.

