Cybercriminals routinely hijack global news headlines to lend their scams credibility and increase their profits. That approach recently reached a new moral low: attackers are now threatening to deliberately infect people not with ransomware or malware, but with the coronavirus itself.
The ethics and morals of cybercriminals have, of course, always been questionable. And while some ransomware groups, like Maze and DoppelPaymer, recently promised to refrain from attacking healthcare organizations during the COVID-19 pandemic, that was far from a binding cease-fire. Other groups, such as the operators of Netwalker ransomware, are showing no signs of restraint.
Cybercriminals are known for their ability to quickly adapt to new themes and techniques in order to maximize profits. One of the most recent scams is a riff on the so-called ‘sextortion’ email.
In the classic variant of this scam, a criminal claims to have compromised the user's email account and to have access to their entire digital life. With that access, the criminal says, they recorded a webcam video of the user visiting adult websites. This is followed up by a typical blackmail demand: the victim is asked to transfer bitcoins to prevent the embarrassing video from being published on the internet.
Though such an attack is technically feasible, in this scam the attacker is bluffing: they never compromised anything. Their "proof" is an old password of the victim's, lifted from a past data breach whose contents have since been made public.
Unfortunately, many people fall for this type of deception. In the example shown below, a sextortion attack convinced eight people within four days to make payments, putting a total of 1.28 bitcoins into the cybercriminal’s pocket (currently worth more than $10,000). With thousands of such emails in circulation, just imagine the larger profit potential for these attacks.
Recently, we came across a new variation of the sextortion scam. As with the original, a cybercriminal uses a previously leaked password to convince the user they have gained access to their system. Then, instead of threatening to release a recorded video, the criminal threatens the very life of the user.
In this new version, the cybercriminals claim to know the victim's exact location and daily routine. They go on to declare that they "could even infect your whole family with the CoronaVirus" unless they are paid $4,000 in bitcoins. The emails are sent either from random spoofed sender addresses or from real accounts that have been compromised, which may even belong to someone the victim knows. Fortunately, we are not aware of any real-life incident of the scammers following through on their threat.
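The traits described above (a quoted leaked password as "proof", a threat, a dollar amount, a Bitcoin wallet to pay, and replies routed to a mailbox other than the sender) are exactly what a mail-filtering rule can key on. The following is an added example written for this article, not code from the original post or from Acronis: a small Python scorer that pulls those signals out of a raw RFC 822 message. The keyword lists, the weights, the threshold of 6, the two sample emails and the Bitcoin address in them are all constructed for illustration and are not real indicators from an observed campaign.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Legacy base58 (1... / 3...) and bech32 (bc1...) Bitcoin address shapes.
BTC_ADDR_RE = re.compile(
    r"\b(?:bc1[ac-hj-np-z02-9]{25,59}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b"
)
# "your password is hunter2" / "password: hunter2" (the leaked-credential "proof")
PASSWORD_RE = re.compile(r"password\s*(?:is|:)\s*([^\s,.]+)", re.IGNORECASE)
DOLLAR_RE = re.compile(r"\$\s?(\d[\d,]*)")
# Illustrative threat vocabulary for the sextortion and COVID-19 variants (constructed list).
THREAT_TERMS = (
    "infect", "coronavirus", "covid", "whole family", "webcam",
    "recorded", "publish", "daily routine", "know where you live",
)
PAYMENT_TERMS = ("bitcoin", "btc", "wallet")


def _domain(header_value):
    """Bare domain of an address header ('' when the header is absent)."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def _plain_text(msg):
    """Concatenate the text/plain parts (or the single body) of a parsed message."""
    parts = [msg] if not msg.is_multipart() else [
        p for p in msg.walk() if p.get_content_type() == "text/plain"
    ]
    return "\n".join(
        (p.get_payload(decode=True) or b"").decode("utf-8", "replace") for p in parts
    )


def analyze_email(raw: str) -> dict:
    """Score one raw message; a score of 6 or more is treated as an extortion scam."""
    msg = message_from_string(raw)
    text = _plain_text(msg)
    lower = text.lower()

    btc_addresses = BTC_ADDR_RE.findall(text)
    quoted = PASSWORD_RE.search(text)
    amounts = [int(a.replace(",", "")) for a in DOLLAR_RE.findall(text)]
    threats = [t for t in THREAT_TERMS if t in lower]
    mentions_payment = any(t in lower for t in PAYMENT_TERMS)
    reply_domain = _domain(msg.get("Reply-To"))
    reply_to_mismatch = bool(reply_domain) and reply_domain != _domain(msg.get("From"))

    score = 0
    score += 3 if btc_addresses else 0      # a wallet to pay is the strongest signal
    score += 2 if quoted else 0             # quoted credential offered as "proof" of access
    score += min(len(threats), 3)           # threat vocabulary, capped so it cannot dominate
    score += 1 if mentions_payment else 0
    score += 1 if any(a >= 500 for a in amounts) else 0
    score += 1 if reply_to_mismatch else 0  # replies routed to a different mailbox

    return {
        "score": score,
        "verdict": "sextortion" if score >= 6 else "clean",
        "btc_addresses": btc_addresses,
        "quoted_password": quoted.group(1) if quoted else None,
        "threat_terms": threats,
        "amounts_usd": amounts,
        "reply_to_mismatch": reply_to_mismatch,
    }


# Constructed sample: a COVID-19 flavoured extortion mail. The address is made up.
SCAM_EMAIL = """\
From: "Unknown" <no-reply@example.net>
Reply-To: payme@example.org
Subject: I know where you live
Content-Type: text/plain; charset=utf-8

I know your password is hunter2 and I have access to your computer.
I know your address and your daily routine. If you do not pay I could even
infect your whole family with the CoronaVirus.
Send $4,000 in Bitcoin to 1Examp1eScamWa11etAddrConstructedXY within 24 hours.
"""

# Constructed sample: a legitimate reminder that also talks about passwords.
CLEAN_EMAIL = """\
From: IT Helpdesk <helpdesk@example.com>
Subject: Password expiry reminder
Content-Type: text/plain; charset=utf-8

Your password expires in 7 days. Change it from the self-service portal.
"""

if __name__ == "__main__":
    for sample in (SCAM_EMAIL, CLEAN_EMAIL):
        print(analyze_email(sample))
```

The quoted password is returned on purpose: a mail gateway that catches one of these messages can hand it to the user (or the helpdesk) with the instruction to change it anywhere it is still in use, which is the one real exposure these emails reveal.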
While this is not the first time scammers have threatened physical consequences (in the past, we saw scam campaigns where criminals threatened to have their victims beaten up if they refused to pay), the current pandemic has certainly upped the ante.
Unfortunately, the list of COVID-19 themed scams and malware grows every day. We must all be wary of this example and others, like the charity scams pretending to gather donations for the World Health Organization, or others taking advantage of the current work from home (WFH) situation to pose as IT departments and convince users to install malicious software.
How to Protect Against the Scam
First, don’t panic.
Do not let these criminals frighten you. They do not know you and they have not accessed your computer; the password they quote came from an old, public data breach. Ignore the message, however disturbing it sounds. The one thing worth acting on is that password: if you still use it anywhere, change it there.
Don’t pay either.
Once you’ve paid money, you will never get it back – and you might be attacked more frequently, since you’ve shown the attacker you are a profitable target.
Use strong passwords.
Use strong, unique passwords for different services and applications, so that a password leaked from one site cannot be reused against another. If possible, enable multi-factor authentication to bolster security even more. A password manager can help you remember all your different passwords.
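Because the password quoted in these emails comes from a published breach, a user or helpdesk can confirm that (and check any other password) without ever sending the password anywhere. The following is an added example, not code from the original post or from Acronis, and it assumes the k-anonymity range lookup offered by the Pwned Passwords service: only the first five hex characters of the password's SHA-1 hash are sent, and the service returns every hash suffix under that prefix with a count. The demo runs offline against a constructed stand-in response; the "hunter2" entry and its count of 17 are made up for the example.

```python
import hashlib
import urllib.request
from typing import Callable, Dict, Tuple

# Range endpoint of the Pwned Passwords API. The offline demo below never calls it.
RANGE_URL = "https://api.pwnedpasswords.com/range/{prefix}"


def sha1_prefix_suffix(password: str) -> Tuple[str, str]:
    """First 5 hex chars of SHA-1(password) (sent) and the remaining 35 (kept local)."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range_response(body: str) -> Dict[str, int]:
    """Parse the 'SUFFIX:COUNT' lines of a range response into a dict."""
    counts: Dict[str, int] = {}
    for line in body.splitlines():
        suffix, sep, count = line.strip().partition(":")
        if sep and suffix:
            counts[suffix.upper()] = int(count)
    return counts


def breach_count(password: str, fetch_range: Callable[[str], str]) -> int:
    """How often the password appears in the breach corpus; 0 means not found."""
    prefix, suffix = sha1_prefix_suffix(password)
    return parse_range_response(fetch_range(prefix)).get(suffix, 0)


def fetch_range_online(prefix: str) -> str:
    """Live lookup over the network. Only the 5-character hash prefix leaves the machine."""
    with urllib.request.urlopen(RANGE_URL.format(prefix=prefix), timeout=10) as resp:
        return resp.read().decode("utf-8")


# Constructed stand-in for the API response: the suffix for "hunter2" (the password
# quoted in the sample scam email) with a made-up count, plus two made-up suffixes.
LEAKED_PASSWORD = "hunter2"
_, _LEAKED_SUFFIX = sha1_prefix_suffix(LEAKED_PASSWORD)
SAMPLE_RESPONSE = "\r\n".join([
    "0018A45C4D1DEF81644B54AB7F969B88D65:2",
    f"{_LEAKED_SUFFIX}:17",
    "011053FD0102E94D6AE2F8B83D76FAF94F6:1",
])


def fetch_range_offline(prefix: str) -> str:
    """Offline substitute for fetch_range_online, returning the constructed sample."""
    return SAMPLE_RESPONSE


if __name__ == "__main__":
    for pw in (LEAKED_PASSWORD, "correct horse battery staple 7!x"):
        print(pw, "->", breach_count(pw, fetch_range_offline))
```

Swap `fetch_range_offline` for `fetch_range_online` to query the real service; either way the full hash and the password itself never leave the machine, which is the property that makes this safe to run on a credential you suspect is exposed.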
Institute mandatory cyber awareness training.
As an organization, you should implement an awareness training program for your employees that they can easily access from their WFH device. Also, make sure your employees know how to report phishing or scam emails to your IT department.
Update all relevant systems.
Ensure that all your systems are up to date with the latest patches and that you are using a comprehensive cyber protection solution that automatically defends against the newest cyberattacks.
#CyberFit for the Future
Finally, consider upgrading your organization’s traditional backup tool to a solution that focuses on cyber protection, a combination of data protection and cybersecurity, like Acronis SCS Cyber Backup 12.5. Our easy-to-use software includes AI-based anti-ransomware protection, providing your organization with a safety net against even the most destructive and pervasive strains of ransomware, including zero day attacks.
Stay alert out there – and take proactive steps to protect your organization from becoming the next victim and suffering the costly data loss and downtime that often follows.