Hackers, cybercriminals target victims with coronavirus fears, experts warn

Hackers, cybercriminals target victims with coronavirus fears, experts warn
Experts have observed malicious campaigns and bogus emails written in English, Italian, Chinese and other languages. File Photo courtesy Federal Bureau of Investigation/UPI

March 18 (UPI) -- Computer security experts are warning about a rise in cyberattacks that are seeking to capitalize on the coronavirus outbreak for financial and political gain.

Cybersecurity company FireEye and IBM's X-Force say cybercriminals from nations that include China, Russia, North Korea, Vietnam, India, Brazil and the United States are behind the efforts. Some, they say, include sending emails while posing as health organizations in attempts to infect victims' computers with malicious software.


Benjamin Read, senior manager of cyber espionage analysis at FireEye, said his firm has also observed espionage attacks targeting government entities as well as widespread financial-based plots.

"We've definitely seen some of it targeting individuals, also some going at corporations and really what the bad guys are seeking to do with that is going to vary based on who they get into," Read said. "The cybercrime ecosystem is very split up, so you have efforts that are very focused on getting initial entry."

RELATED China says U.S. making baseless claims after Trump tweet

He said FireEye has determined hacking groups typically track events online based on what potential victims are most likely to click on, increasing the risk as concern over the virus continues to grow.


"The global reach of these is more reflective of the global interest than any specific geopolitical ties," he said.

FireEye and X-Force have both observed malicious campaigns and bogus emails written in English, Italian, Chinese and other languages that contain links and file attachments purporting to contain vital information about the outbreak of the coronavirus.

RELATED UNICEF: $840,000 needed for North Korea COVID-19 response

"We have seen samples of spam claiming to be from the World Health Organization, Chinese Health Ministry and Japan Health Ministry distributing malware, and links to various online shops trying to scam the user by selling face masks that claim to protect against coronavirus," IBM X-Force security analyst Ashkan Vila said.

The WHO has issued a warning about such attacks and outlined what legitimate emails will look like, and the U.S. Secret Service also advised Americans to watch out for "phishing" attacks related to the coronavirus.

Earlier this week, the National Security Council also warned about false rumors being spread by text message of a national quarantine in the United States -- and the Department of Health and Human Services was targeted by hackers who overloaded its servers for hours.

RELATED Coronavirus infects all 50 states; deaths surpass 100

Vila said cybercriminals' main goal is finding money, via stolen credit card data or mining valuable personal data to sell on the "dark web." Experts say their main tactic to steal valuable information is trumping up fear about the coronavirus.


"These threat actors often like to use the fear and panic of people concerned about COVID-19 to bypass their natural skepticism they might have for an email they're seeing," Vila noted.

So far, experts say, most attacks and efforts have centered on bogus health emails that contain attachments or a link of some kind. The best way to avoid being victimized, they add, is for people to be skeptical. Don't open attachments or click on any hyperlink contained in suspicious emails from unknown sources, and do your best to confirm the origin of the emails.

Another way to avoid being fooled, they say, is to never use your official work email account to sign up for personal services.

"The more you use your business email address for registering for personal accounts like social media, subscriptions and other services, the more likely it might get used by spammers," Vila said. "This helps to ensure that you are only receiving emails that you expect to receive."

Latest Headlines


Follow Us