Attention: New COVID-19 scams

27. April, 2020

In the USA, the corona pandemic is delivering shocking record numbers. These include the number of fraud attempts around the pandemic and the financial losses it has caused. The US Department of Justice warns in several press releases about the most frequently reported fraud scams.

“Essentially, the COVID-19 attacks are the same or very similar in Austria.” says Joe Pichlmayr, CEO of IKARUS Security Software. Fear and the feeling of being powerless tempt people to react more carelessly and faster than usual. Therefore, double and triple check all offers in connection with the Corona virus – especially if they promise to buy an easy way out of the crisis. You should immediately pay attention to the following scenarios:

1. (Automated) calls or messages with offers for (fake) respirator masks, test kits, remedies or immunity pills

These (false) offers without any prospect of delivery are generally to be expected for all medical devices – especially as soon as the first drugs are available, but are still very limited. Then an explosion of fraud attempts can be expected!

2. Fraudulent appeals for donations in the name of real or invented aid organisations, for example in social networks

This fraud is yet to come, even though we have not seen such appeals for donations so far. There are two dangers in connection with the Red Cross: On the one hand, appeals on behalf of the RK, which will never receive the funds raised. On the other hand, calls to install the Corona app, which will be replaced by a malware.

3. Phishing attempts via the (false) promise of state aid payments when private data is provided

Sender data – email addresses as well as telephone numbers – can be falsified relatively easily. For example, a message may look as if it comes from a state institution, but the truth is that criminals are behind it. Pay attention to all details, including the usual procedures and processes. If something seems strange to you, end the conversation and contact them again via a different channel.

4. Representation as a governmental or other official organization to distribute harmful documents or to generate false donations

Prominent names or positions should impress and prevent us from looking more closely or questioning. If unexpected, apparently important news comes, special caution is therefore required. No government organization will contact you via your personal email address or call the population through a phone. Stick to official, reputable sources and always use them for a cross-check.

5. Offers of free COVID-19 tests against disclosure of insurance data

The insurance data is used for identity theft and to make fraudulent claims to the insurance companies. Please treat insurance data just as carefully as bank data and keep it secret!

6. Fake websites and apps for Corona that install Ransomware

Some already exist some will come. Stick to official sources of information and check exactly where you are ordering when shopping online. Be suspicious and do not accept tempting offers that seem too good to be true – most of the time they are not.

7. Phishing attempts targeting employees in smart working

The more different technologies are used, the more digital surfaces of attack there are. All devices and services must be appropriately secured. Over the distance, coordination within the company must not be neglected. Agree on binding guidelines (e.g. never give financial instructions by email) and, in case of doubt, actively question them. Please do not forget physical security when working smart! Never leave equipment unattended and watch out for prying eyes.

8. Promise state aid packages and state aid organizations with a focus on small businesses

New professional processes in the home office also open up new security gaps: from “boss tricks” to phishing calls and messages to software solutions that collect data unnoticed – unfortunately, there is something for everyone. So always be informed and alert!

9. Targeted attacks on organizations that currently benefit from increased online ordering

Many fake shop operators will also take advantage of this. Once again, keep your eyes open, check the imprint, do a reality check (are the goods and prices realistic or maybe too good to be true?) and make sure you use valid encryption and check marks.

Links:

Working safely from home

7 typical dangers when shopping online

Security tips to protect your data and devices

Red Teams, Blue Teams, Purple Teaming

Living Off the Land attacks

MSSP of the Year 2024

SIEM

What is a SIEM?

Nozomi Guardian Air
HarfangLab Guard
MITRE ATT&CK Framework
v.l.n.r.: Joe Pichlmayr (CEO IKARUS) – Anouck Teiller (CSO HarfangLab) –Alexander van der Bellen (Bundespräsident Österreich) - Frédéric Joureau (Erster Botschaftsrat der französischen Botschaft in Wien) – Christian Fritz (COO IKARUS)
EDR
Cyber Kill Chain
Business Email Compromise
Prognosen für die zehn größten Cybersecurity-Bedrohungen für 2030
E-Mail Verschlüsselung
Schritt für Schritt zum Notfallplan für IT-Security-Incidents
Account Management
Bedrohung

WE ARE LOOKING FORWARD TO HEARING FROM YOU!

IKARUS Security Software GmbH Blechturmgasse 11
1050 Vienna

Phone: +43 1 58995-0
Sales Hotline:
+43 1 58995-500
sales@ikarus.at

SUPPORT HOTLINE

Support hotline:
+43 1 58995-400
support@ikarus.at

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm
24/7 support by arrangement

Remote maintenance software:
AnyDesk Download