[BreachExchange] Coronavirus Isn’t the Only Virus Going Around

Tue Mar 17 10:10:47 EDT 2020

https://www.riskbasedsecurity.com/2020/03/13/coronavirus-isnt-the-only-virus-going-around/

It has only been two days since our last article on modern phishing
attempts, but unsurprisingly, malicious attackers will always find new
ways to target individuals and organizations. This time, hackers are
installing malware on computers and harvesting user credentials by
preying on people’s curiosity and fear of the coronavirus (COVID-19).

Business Insider recently reported that attackers are spreading false
COVID-19 dashboards, which in many cases infect computers with malware
when opened. In addition, there are other reported attacks where
scammers pose as the CDC, advising that there are new COVID-19 cases
reported in the user’s city and requesting that they follow a link to
learn more.

>From there, clicking the provided URL covertly redirects the user to a
spoofed login page. If the user completes the process by providing
their credentials, they are now compromised.

Methods of Prevention

Unfortunately, the continued use of old phishing attacks has proven
that preaching abstinence from clicking unverified links doesn’t bring
the desired outcome. Especially in a situation like this, where
virtually the entire world has its eyes on the latest COVID-19
developments.

COVID-19 #Coronavirus Data Pack

STICK TO RELIABLE SOURCES

For those who want a reliable source of information regarding
COVID-19, John Hopkins University and The New York Times have
reliable, non-malicious trackers.

TIPS FOR YOUR COWORKERS

As always, be extremely cautious when it comes to hyperlinks (we can’t
say this enough). You cannot trust where it will take you if you do
not 100% trust the source.

In situations where you land on a website that seems suspect, there
are a few general steps you can take to help verify its authenticity:

Check the URL – Make sure that the URL matches the content; especially
if the content is a routine for you. We tend to let our guard down
with things that are familiar. See one of our previous articles for
some examples.
Check the hyperlink preview – In our last post, we examined a fake
forum that enticed users to click a suspicious link that was disguised
as a .torrent file. If the hyperlink is attempting to completely
redirect you to an unrelated site, don’t click.

Ex. google.com
(This is safe to click, unless you really don’t like Ask.com)
Read the language – Comb through for blatant spelling/grammatical
errors. Aside from that, phishing attempts can be pretty good at
projecting extreme urgency. If you are in a panicked state of mind,
you are less likely to question a request. So think logically, and use
your better judgment.
Follow your organization’s security guidelines – Guidelines exist for
a reason. Organizations have countless endpoints in their networks and
it only takes one mistake for a compromise. Let’s all do our part to
help prevent attackers from profiting from times like these.

It can sometimes be difficult to differentiate fact from fiction. But
if we all keep a level head and maintain a healthy level of scrutiny,
we can help prevent a different kind of outbreak for our
organizations.

In time, COVID-19 will come under control if we all do our part. In
the meantime, we must ensure that efforts to exploit this global
pandemic go unrewarded.