As we talked about in previous articles, in these days of crisis where most people show responsibility and solidarity, there is still a small part committed to doing harm.
And not only do they take advantage of laxer security measures or of the fact that employees working from home may be easier to fool than when they are in the office, but they directly use the health emergency situation with the coronavirus to take advantage of the people’s alarm to trick them.
The damage is not only economic (as in ransomware cases), but sometimes it seeks to destabilize and do damage, such as applications that give false diagnoses of the disease, with the risks that this can pose.
In recent days, numerous cases, with different objectives, of infection attempts with malware (malicious programs) have been detected.
The Spanish National Police have warned of a massive mailing to health personnel that includes a virus that seeks to damage hospital computer systems.
In this other alert issued by INCIBE (Spanish National Institute of Cybersecurity), it is warned that malware linked to Covid-19 is being distributed, impersonating several companies by email.
Cases of SMS messages have also been detected, offering the possibility of obtaining health masks, directing the victim to a false website where they are asked for their data (including credit card details). And the message is also forwarded to all victim’s contacts.
And there are numerous cases of ransomware. This type of malware that has been doing so much damage to companies in recent years is using the coronavirus as a hook. For example, in the case of the CovidLock ransomware, it seeks that people interested in informing or protecting themselves access a web page where they will become infected with this malicious program, blocking their terminal and asking for an economic ransom to recover it.
Fake News & Hoaxes
Finally, we are faced with another more complicated situation, which is the one generated by certain people who seek to destabilize society and intentionally cause harm. The most widely used methods are fake news and hoaxes.
Fake news aim to generate states of opinion using manipulated or directly false information. In these last days, numerous supposed publications by scientists or governments are circulating that are not real, but can cause social alarm and that people even act in a way that is detrimental to themselves and to the public as a whole, like suggesting that people should hoard large amounts of essential products. Their objective is usually political, seeking to destabilize other countries, the stock markets or affect the perception people have of governments or political parties.
Hoaxes are false information that are often created with the intention of causing damage. They are usually messages with recommendations from an acquaintance, or the friend of a friend “who is a doctor”, or recordings supposedly made by an expert. They are also very dangerous, because they create unjustified alarm and they also make people feel confident taking some precautions or home remedies that are useless in the face of the pandemic we are experiencing. In this example, Local Police from the Spanish town Pinto warns of a circulating hoax that calls people to hoard products in the face of an imminent state of emergency and is totally false.
In both cases (fake news and hoaxes), our recommendation is to never forward these types of messages if they are not properly verified. Any news can be checked in the traditional media (television channels, physical or digital newspapers, radio), so if you receive information or alleged news and really want to help, what you need to do is look for it in a trusted media and send the link to that news; and, if you cannot find it, break the chain and notify the contacts who have received the message.
For all of the above, in general and in the current situation in particular, you must be very alert to threats from:
- Phishing (email / Whatsapp / SMS)
- Malware: virus and ransomware
- Fake News / Hoaxes
Let’s protect ourselves and thus we will protect our organizations and all of society.
Contact Kymatio now to strengthen the organization’s cybersecurity posture.