Beware of COVID SCAMS!

Dave

Adventurist
Founder
Senior Staff
Editor
This is from one of our big gun Security+ White Hat IT guys, sharing it here for our members:

There will always be those that try to take advantage of any situation, the COVID-19 event is no different.
Scams are on the rise with all the changes in society these days, and more people looking to the Internet for answers.
Please read the warnings listed below in regards to current scams.

- Experts Detect 30,000% Increase in #COVID19 Threats InfoSecurity Magazine, 27 Apr 2020: Zscaler VP of security research, Deepen Desai, revealed in a blog post that the firm's cloud security platform had stopped 380,000 attacks targeting home workers in March, up from just 1200 at the start of the year.

This included the registration of 130,000 new suspicious domains featuring COVID-related keywords such as "test," "mask", "Wuhan" and "kit." The firm recorded a 25% increase in the number of malicious files and websites it blocked and an 85% increase in phishing attacks targeting remote workers over the three-month period.

These included spear-phishing attempts spoofed to appear as if sent by the IT or payroll department, and some that even used a CAPTCHA screen to try and fool security filters.

Others targeted consumers with government-themed phishing attempts designed to trick those looking to secure stimulus funds. Fake VPN software, COVID-themed mobile malware and even Nigerian 419 scams were also spotted by the Zscaler team, Desai said. Desai urged remote working employees and IT teams not to open links or attachments in unsolicited mail, to enable two-factor authentication, patch regularly and only stick to reputable sources for COVID-19 information.
-- https://www.infosecurity-magazine.com/news/experts-detect-30000-increase.

- Beware of COVID-19 Testing Scams Targeting!
While medical professionals in the U.S. and overseas are working hard to combat the coronavirus, some people are using this as an opportunity to take advantage of others. If you receive a call from someone offering to send you a COVID-19 testing kit, you could be the target of a scam. Know the testing process, Testing kit calls aren't the only way scammers are taking advantage of the COVID-19 outbreak. They're on social media, too.

The Securities and Exchange Commission recently put out a statement on avoiding coronavirus-related investment scams. When using social networks, like Twitter or Facebook, be wary of people you don't know who ask for money. If you use a mobile payment app, like Cash App or Venmo, don't give out your username or contact information to a person you don't know. If someone you know sends you a social media message about a COVID-19 fundraiser, call them before sending any money. It's better to be safe than sorry.

- Stimulus Payments are arriving! Don't get scammed!!
"If you get an official-looking check for more than what you were expecting - say, for $3,000 - the next call you're likely to get is from a scammer," warns the FTC. "They'll tell you to keep your $1,200 payment, and return the rest by sending cash, gift cards or money transfers." If you experience something like this, you can report it to the FTC. Keep in mind that the IRS will not call, text or email you. "Scammers are sending official-looking messages - including postcards with a password to be used online to 'access' or 'verify' your payment or direct deposit information," warns the FTC. "The IRS will not contact you to collect your personal information or bank account. It's a scam."
-- https://www.msn.com/en-us/money/per...-coronavirus-aid-money/ar-BB12zAYH?ocid=ientp

- Researchers found and bought more than 500,000 Zoom passwords on the dark web for less than a cent each.
-- https://www.businessinsider.com/500000-zoom-accounts-sale-dark-web-2020-4

- Are you "Zoom"ing at home? Then, you should read this article!
--https://www.cnet.com/how-to/how-to-prevent-zoombombing-in-your-video-chats-in-4-easy-steps/

- The Treasury Department and the IRS have both published statements on their websites. The IRS specifically is asking people not to call concerning the stimulus check. Business Insider also has an article containing details. Two people I know have shared bogus phone numbers on FB (1800-746-6373 and 1800-522-5633). I have been advising people to also Google the numbers. Several sites will let you know if a number has been listed as spam. Some even allow you to leave detailed comments.
-- LINK

-- https://phone-spam.com/ ; https://us.shouldianswer.net

:spartans:hoplite:spam
 
New Malware Associated With COVID-19-Related Scams

In recent weeks, security researchers have discovered and revealed various types of new malware and campaigns related to COVID-19. Throughout the COVID-19 pandemic, actors have drastically increased malicious activities that have a COVID-19 theme, as they appear to be successful in gaining the attention of victims and tricking them into clicking on a link or attachment for COVID-19 updates and information. Malware observed in these campaigns includes various kinds of ransomware, Remote Access Trojans (RATs), and destructive malware. They can be delivered to victims through a variety of methods and may be disguised in a link or attachment in phishing emails, text messages, and social media messages or posts.

The campaigns are widespread, targeting users around the world.

- CoronaLocker: CoronaLocker is ransomware designed to lock a user out of Windows. An email address belonging to the actors is displayed on the screen, requesting the victim to contact the actors to restore access.

- Coronavirus Wiper Malware: Coronavirus Wiper malware is destructive malware developed for use against Windows systems. Once a system is infected, the screen will display the message Your computer has been trashed.

- CoronaVirus Ransomware: CoronaVirus is ransomware that is distributed to victims via a fake website that appears to promote a legitimate system optimization software called WiseCleaner. The ransomware has been used in conjunction with KPot, which is a type of information-stealing malware. Once the data is stolen by KPot, CoronaVirus ransomware encrypts it and demands money from the victim in exchange for the data.

- ProjectSpy: ProjectSpy is the term for an ongoing campaign that uses spyware to target Android and iOS users. The spyware is disguised in an app called Coronavirus Updates and has been distributed to victims throughout Europe and the Middle East. Once installed on a victims device, the app is capable of stealing messages from other apps on the victims device such as Facebook, Telegram, and WhatsApp.

- BlueTea Action: BlueTea Action is a Trojan that is delivered to victims via phishing emails that contain the subject line The Truth of COVID-19. The emails contain an attachment carrying an exploit for a Microsoft Office remote code execution vulnerability.

SOURCES:

1. Cyware. Heres a List of Newly Discovered Malware That Tapped Into Coronavirus Fears to Infect Users.

Cyware Labs is a Threat Intelligence Sharing and Cyber Fusion product-based cybersecurity company headquartered in New York, USA.

https://cyware.com/news/heres-a-lis...to-coronavirus-fears-to-infect-users-f5edbccd

2. Bleeping Computer. New Coronavirus Screenlocker Malware is Extremely Annoying.

BleepingComputer.com is a premier destination for computer users of all skill levels to learn how to use and receive support for their computer.

https://www.bleepingcomputer.com/ne...s-screenlocker-malware-is-extremely-annoying/

3. Threatpost. Wiper Malware Called Coronavirus Spreads Among Windows Victims.

Threatpost is an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.

https://threatpost.com/wiper-malware-coronavirus-windows-victims/154368/

4. Security Boulevard. CoronaVirus Ransomware. Security Boulevard is an online source for news, analysis, and education on issues facing cybersecurity.

https://securityboulevard.com/2020/03/coronavirus-ransomware/

5. Trend Micro. Coronavirus Update App Leads to Project Spy Android and iOS Spyware.

Trend Micro Inc. develops enterprise security software for servers, containers, & cloud computing environments, networks, and end points.

https://blog.trendmicro.com/trendla...leads-to-project-spy-android-and-ios-spyware/
 
Back
Top Bottom