COVID-19 Newsletter Phishing

COVID-19: UPDATED Criminal Scams Seek to Exploit COVID-19 Fears

Multiple organizations, including the World Health Organization (WHO), have issued warnings that scammers are seeking to use the current outbreak of COVID-19 for personal gain. The Office of Information Security has compiled the following resources and information to assist anyone who fears they may fall victim to one of these scams. It is important to note that while COVID-19 is the topic in question at this time, these tools and tips offer good advice for avoiding scams during any time of crisis.

Fraudulent COVID-19 Benefit Payment Phishing Email

The Office of Information Security has received reports of phishing on our campuses involving supposed payments related to the COVID-19 pandemic. This specific criminal activity involves telling users that they can obtain a payment (in this case from ‘Google Technology Company’) as part of a “package” that is “earmarked for” people who have been directly financially impacted by the COVID-19 pandemic. The email goes on to ask the recipient for their bank name, account number, routing number, and Social Security Number. Below, you will find an example of the fraudulent message.

Additional information about this phishing threat

Phish from “Local Hospital” Indicating COVID-19 Exposure

This scam involves cyber-attackers posing as representatives of local hospitals, sending out e-mails informing recipients that they have been exposed to COVID-19 and will need testing. The content of the e-mail often states that the recipient has been in contact with a colleague, friend, or family member who has tested positive for COVID-19. The e-mail also instructs users to download an Excel file that they will need to take to an emergency clinic. This Excel file contains malicious macros that are designed to download malware to the user’s computer.

If you receive an e-mail such as this or any other suspected phishing attempt, please do not click on any links or download any files from the e-mail. Simply forward the e-mail to phishing@wustl.edu and delete the e-mail from your inbox.
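For responders triaging a message forwarded to the phishing mailbox, the check below flags workbook attachments that carry macros without opening them in Excel. It is an added example, not part of the original notice or of any Office of Information Security tooling; the function names, result labels and sample files are constructed for illustration.

```python
import io
import zipfile

# Magic bytes of the legacy OLE2 container used by .xls workbooks.
OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")


def macro_triage(data: bytes) -> str:
    """Classify attachment bytes by macro risk without opening them in Excel."""
    if data.startswith(OLE2_MAGIC):
        # Legacy binary workbook: may hold macros; confirm with an OLE parser.
        return "legacy-ole-needs-review"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-an-office-container"
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = [n.lower() for n in z.namelist()]
    # VBA projects are stored as a vbaProject.bin part inside the zip.
    if any(n.endswith("vbaproject.bin") for n in names):
        return "contains-vba-macros"
    # Excel 4.0 (XLM) macro sheets live under xl/macrosheets/.
    if any(n.startswith("xl/macrosheets/") for n in names):
        return "contains-excel4-macro-sheet"
    if "[content_types].xml" in names:
        return "ooxml-no-macros-found"
    return "not-an-office-container"


def build_sample(parts: dict) -> bytes:
    """Build a constructed OOXML-style zip in memory (sample data only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, body in parts.items():
            z.writestr(name, body)
    return buf.getvalue()


# Constructed samples standing in for attachments; none is a real workbook.
BASE = {"[Content_Types].xml": "<Types/>", "xl/workbook.xml": "<workbook/>"}
CLEAN = build_sample(BASE)
WITH_VBA = build_sample({**BASE, "xl/vbaProject.bin": b"placeholder"})
WITH_XLM = build_sample({**BASE, "xl/macrosheets/sheet1.xml": "<macrosheet/>"})
LEGACY_XLS = OLE2_MAGIC + b"\x00" * 8

if __name__ == "__main__":
    for label, blob in [("clean", CLEAN), ("vba", WITH_VBA),
                        ("xlm", WITH_XLM), ("legacy", LEGACY_XLS)]:
        print(label, "->", macro_triage(blob))
```

A "no macros found" result only rules out embedded macro parts; it says nothing about links or other content in the file.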

Cyber Attackers Exploit Vulnerabilities amid Surge in Remote Work

As we transition to remote work in response to the coronavirus pandemic, cyber attackers seek new opportunities to exploit unsuspecting users. Reports of ransomware attacks, phishing attempts, and scam websites are on the rise around the world, especially targeting those who work at universities and medical institutions. While we take our work to our home networks, we should exercise additional caution to avoid these criminal opportunists. Home networks are often less secure than institutional networks, which are supported by staff and features to keep users safe.

Fake Online Coronavirus Map Delivers Malware

A malicious website posing as the live Coronavirus COVID-19 Global Cases map by Johns Hopkins University is circulating on the internet. Visiting the website infects the user’s computer with a Trojan, an information-stealing program. The site is likely being spread via infected email attachments, malicious online advertisements, and social engineering. The malicious site is listed as “corona-virus-map.com”.

The real map from Johns Hopkins University can be found at the following URL:

https://coronavirus.jhu.edu/map.html

Resources for avoiding COVID-19 scams

FBI Public Service Announcement: FBI Sees Rise in Fraud Schemes Related to the Coronavirus Pandemic

Federal Trade Commission: How to Donate Wisely and Avoid Charity Scams

https://www.consumer.ftc.gov/features/how-donate-wisely-and-avoid-charity-scams

World Health Organization: Be Aware of Criminals Pretending to be WHO

https://www.who.int/about/communications/cyber-security

Stay Safe Online: COVID-19 Resource Library

Cybersecurity and Infrastructure Security Agency (CISA): CISA Information and Updates on COVID-19

https://www.cisa.gov/coronavirus

Harvard Business Review: Will Coronavirus Lead to More Cyber Attacks

https://hbr.org/2020/03/will-coronavirus-lead-to-more-cyber-attacks

Further reading about COVID-19 scams

Bleeping Computer: FBI Warning, Phishing Emails Push Fake Govt Stimulus Checks

https://www.bleepingcomputer.com/news/security/fbi-warning-phishing-emails-push-fake-govt-stimulus-checks/

TechCrunch: Be on guard for coronavirus robocalls, warns FCC

UN News: UN health agency warns against coronavirus COVID-19 criminal scams

https://news.un.org/en/story/2020/02/1058381

Vox: Coronavirus email scams are trying to cash in on your fear

https://www.vox.com/recode/2020/3/5/21164745/coronavirus-phishing-email-scams

ZDNet: Nasty phishing scams aim to exploit coronavirus fears

https://www.zdnet.com/article/nasty-phishing-scams-aim-to-exploit-coronovirus-fears/

Business Insider: Coronavirus Ransomware on Android

https://www.businessinsider.com/coronavirus-fake-app-ransomware-malware-bitcoin-android-demands-ransom-domaintools-2020-3

Healthcare Info Security: Coronavirus, The Public Health Cybersecurity Issues

https://www.healthcareinfosecurity.com/interviews/coronavirus-public-health-cybersecurity-issues-i-4613

Malwarebytes Labs: Cybercriminals impersonate World Health Organization to distribute fake coronavirus e-book

What to do if you think you are being targeted by a scammer

Please forward any suspicious emails to phishing@wustl.edu. You can also reach out to the Office of Information Security with any questions or concerns by emailing infosec@wustl.edu.