In the midst of a global coronavirus (COVID-19) pandemic, hackers are not letting a disaster go to waste and have now automated their coronavirus-related scams to industrial levels.
According to multiple reports, cybercriminals are now creating and putting out thousands of coronavirus-related websites on a daily basis.
Most of these sites are being used to host phishing attacks, distribute malware-laced files, or for financial fraud, for tricking users into paying for fake COVID-19 cures, supplements, or vaccines.
THINGS ARE NOW WORSE THAN EVER
While some sheepish coronavirus email scam campaigns started making their presence felt online in early February, things have now reached their peak.
Malware gangs are now regularly using coronavirus email lures to trick users into downloading malware, and even state-sponsored hacking groups have jumped on the trend and adopted similar tactics. This new trend/practice has become so obvious that the UK National Cyber Security Center (NCSC) felt obliged to send out a security alert on Monday about the rise in coronavirus-related email phishing campaigns.
But as the coronavirus pandemic slowly spreads from the few countries it initially affected, the entire world is also becoming more entranced with the topic.
This gives cybercriminals more ample opportunities to trick users into either downloading and installing malware or purchasing fake products.
Over the course of the last week, several security researchers have noted a spike in the number of coronavirus-related domains, with attacks growing in conjunction with the disease’s spread.
From tens a day in February, there are now thousands of new domains popping up daily, containing terms like coronavirus, covid, pandemic, virus, or vaccine.
A security researcher who goes online by the name of DustyFresh began tracking some of these domains last week. According to a list the researcher shared online, crooks have created more than 3,600 new domains that contain the “coronavirus” term between March 14 and March 18.
Some are legitimate sites, but the vast majority are domains used for online fraud, malware distribution, or obvious scams, peddling vaccines and supplements.
By Catalin Cimpanu | March 18, 2020