Coronavirus Cyber Attack Investigation
Digitpol's Cyber experts step in as criminals seek to exploit Coronavirus fears.
Criminal gangs are exploiting the corona virus to commit cyber related crimes. During this period, Digitpol has appointed an incident response team to provide rapid response to business that are effected by a cyber attack, data breach, malware or other forms of cyber attacks. If your business has suffered a cyber attack, contact Digitpol for assistance.
The public are being urged to follow online safety advice as evidence emerges that criminals are exploiting the Coronavirus online. Digitpol's advise is for the public to follow only information from government sources such as your local government or national government website.
Experts from the National Cyber Security Centre have revealed a range of attacks being perpetrated online as cyber criminals seek to exploit COVID-19. Techniques seen since the start of the year include bogus emails with links claiming to have important updates, which once clicked on lead to devices being infected. These ‘phishing’ attempts have been seen in several countries and can lead to loss of money and sensitive data. These attacks are versatile and can be conducted through various media, adapted to different sectors and monetised via multiple means, including ransomware, credential theft, bitcoin or fraud.
Cornonavirus Scam Examples
Undelivered goods: Online sellers claim they have in-demand products, like cleaning, household, and health and medical supplies. You place an order, but you never get your shipment. Anyone can set up shop online under almost any name — including scammers.
Counterfeit medical equipment, face masks, hand sanitisers, wipes and ventilators are the focus of cyber criminals. Read more about COVID19 Scams
What to do: Check out the seller by searching online for the person or company’s name, phone number and email address, plus words like “review,” “complaint” or “scam.” If everything checks out, pay by credit card and keep a record of your transaction. If you’re concerned about the pricing of products in your area, contact your state consumer protection officials. For a complete list of state Attorneys General, visit naag.org.
Fake charities: When a major health event — like the Coronavirus — happens, you might be looking for ways to help. Scammers use the same events to take advantage of your generosity. Some scammers use names that sound a lot like the names of real charities. This is one reason it pays to do some research before giving. Money lost to bogus charities means less donations to help those in need.
Fake emails, texts and phishing: Scammers use fake emails or texts to get you to share valuable personal information — like account numbers, Social Security numbers, or your login IDs and passwords. They use your information to steal your money, your identity, or both. They also use phishing emails to get access to your computer or network. If you click on a link, they can install ransomware or other programs that can lock you out of your data. Scammers often use familiar company names or pretend to be someone you know. Here’s a real-world example of a scam where phishers pretend to be the World Health Organization (WHO).
A fake email has the logo of the World Health Organization on it. (Sophos Ltd.)
Other scammers have used real information to infect computers with malware. For example, malicious websites used the real Johns Hopkins University interactive dashboard of Coronavirus infections and deaths to spread password-stealing malware.
Phishing: malicious emails appearing to be from Word Health Organisation
- give sensitive information, such as usernames or passwords
- click a malicious link
- open a malicious attachment.
How to prevent phishing:
- Verify the sender by checking their email address. Make sure the sender has an email address such as ‘email@example.com’ If there is anything other than ‘who.int’ after the ‘@’ symbol, this sender is not from WHO.For example, WHO does not send email from addresses ending in ‘@who.com’ , ‘@who.org’ or ‘@who-safety.org’.
- Check the link before you click. Make sure the link starts with ‘https://www.who.int’. Better still, navigate to the WHO website directly, by typing ‘https://www.who.int’ into your browser.
- Do not rush or feel under pressure. Cybercriminals use emergencies such as 2019-nCov to get people to make decisions quickly. Always take time to think about a request for your personal information, and whether the request is appropriate.
- If you gave sensitive information, don’t panic. If you believe you have given data such as your username or passwords to cybercriminals, immediately change your credentials on each site where you have used them.
- If you see a scam, report it. If you see a scam, tell us about it.
Digitpol’s computer forensics experts investigate, analyse and recover forensic data from computers, portable devices and hard disk drives.
We specialize in recovery of data from mobile phones and portable devices. We recover SMS, Calls, Emails, Media, VoIP data, GPS, Internet History, Whatsapp, Viber, Signal, Telegram, Deleted Data, Cloud Sources and all Cell ID Data.
Cloud data sources represent a virtual goldmine of potential evidence for forensic investigators. Together with mobile device data, they often capture the details and critical connections investigators need to solve crimes. Digitpol can access cloud sources and recover data contained in cloud services.