Coronavirus malware scams return with a venegeance

Criminals are exploiting fears over the growing threat of coronavirus to trick users around the world with new online scams, experts have warned.

Research from security firm Proofpoint has found that email attacks using coronavirus as a hook are expanding in number and reach, with victims having personal and financial information stolen.

Some attacks are even spoofing official World Health Organisation (WHO) advice emails in order to make their scams appear more legitimate, with others claiming there is a worldwide conspiracy to hide the cure.

Coronavirus malware

Proofpoint's investigation found a number of distinct scams targeting users worried about the spread of coronavirus, along with attacks specifically targeting certain industries, with dedicated attacks against construction, education, energy, healthcare, industry, manufacturing, retail, and transportation companies.

In one attack, company employees were sent fake internal emails purporting to be from their firm’s president giving advice on what to do if affected by coronavirus – but in reality they are having their personal details stolen.

Another campaign claims there is a global conspiracy to cover up a cure for coronavirus, with victims told to click a link to find out the cure – but again, their personal details would be stolen through phishing sites.

A final campaign (pictured above) uses the logo of the WHO to spoof official advice emails, which trick users into downloading keylogging malware (AgentTesla) which can then record all keys pressed by the victim, potentially giving hackers access to online banking accounts.

The majority of attacks are being detected against Japan and the United States, although Proofpoint also saw large-scale incidents in Australia and Italy.

The company says it will continue to monitor the latest threats and issue advice where possible, with users reminded to, “be watchful and exercise caution where Coronavirus-themed emails and websites are concerned.” 

No comments yet.

Leave a Reply

in development