A division of GCHQ (Britain’s equivalent to the NSA) has warned the public to be on their guard against cybercriminals exploiting the Coronavirus outbreak.
The National Cyber Security Centre (NCSC) has described on its blog how criminals have spread malware via emails purporting to contain important updates about the COVID-19 outbreak, and that attempts have also been made to scam unsuspecting users and phish passwords and sensitive information.
In response to the Coronavirus-related cybercrime threat, the NCSC says it has taken steps to automatically discover and take down malicious sites exploiting the Coronavirus outbreak to serve up phishing attacks and malware.
The techniques being used by the criminals are no different from those seen in many past attacks, but the fact that they exploit the current Coronavirus pandemic means that there is a great chance that unsuspecting computer users will be tricked into falling for them.
In short, you might be more tempted right now to click on a link claiming to contain important information about Coronavirus than you would to click on a link in an email purporting to come from your bank.
In an attempt to strengthen the security of internet users, the NCSC is recommending that the public follow existing advice on how to spot and deal with suspicious emails, and how to protect against malware threats such as ransomware.
As many computer users are likely to be finding themselves in the unusual position of working remotely, perhaps without direct access to IT support teams who would normally be directly available to advise them on security, it’s particularly important that users are reminded of basic security practices.
Paul Chichester, Director of Operations at the NCSC reminded users to report cybercrime attacks to the authorities:
“We know that cyber criminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the Coronavirus outbreak. “Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails. “In the event that someone does fall victim to a phishing attempt, they should look to report this to Action Fraud as soon as possible.”
In recent weeks there has clearly been an increase in cybercriminal exploitation of the Coronavirus crisis, with attempts to dupe users with malicious Coronavirus maps, phishing attacks which purport to come from the Center of Disease Control, and Coronavirus-related Android ransomware, amongst much much more.
It’s sadly easy to predict that things are going to get much worse before they get better. Get clued up about how best to protect yourself, your friends, and your colleagues.