Coronavirus Phishing Emails on the Rise

Coronavirus
WASH YOUR HANDS

A global health disaster like coronavirus is a golden opportunity for criminals looking to steal your personal information or money through Coronavirus Phishing Emails.

Portions of this article were reprinted from the website of consumer advocate, Herb Weisbaum, also known as Consumerman. His website is here: https://consumerman.com/

If you got an email from the Centers for Disease Control and Prevention or the World Health Organization about the Coronavirus outbreak, would you read it? Maybe click on a link? Cybercriminals are counting on it!

The outbreak is a dream come true for criminals who will use it as basis for email attacks designed to snag personal information, steal money and infect computers with malware.

Coronavirus phishing emails are on the rise. Malicious emails linked to the Coronavirus first appeared in early February, making it one of the first big phishing campaigns of the year.

“A global health disaster like this one, creates a golden opportunity for fraudsters, as there is no population or demographic that is not paying attention. As a result, the potential for impulse clicking is higher than normal,” said Adam Levin, a digital security expert who is chairman of CyberScout, a data security firm, and the author of “Swiped: How to Protect Yourself in a World Full of Scammers, Phishers and Identity Thieves.”

The bogus emails look legit

Coronavirus Phishing Emails may look legit, but they’re not! Those who click on the provided link in the email will wind up on a site created by criminals to steal the victims’ email credentials.

With the current Coronavirus phishing emails, fraudsters are designing their emails to look like they’re coming from the CDC or the WHO. They typically have an attention-grabbing subject line, such as “Coronavirus outbreak in your city (Emergency)” and often include the agency’s logo — cut and pasted from the real website — to add credibility.

At first glance, the sender’s email address appears to be legitimate, for example cdc-gov.org or cdcgov.org. The crooks create domains that are very close to the real CDC site — cdc.gov — making the deception easy to miss.

Even though the link looks like it will take you to the CDC.gov website about the Coronavirus, it will not.

You will instead, land on a fake Microsoft Outlook login page, created by the crooks to steal user names and passwords. Criminals control this fake Outlook page. There is no reason to provide login credentials to visit a public website, such as the CDC.

“Once they capture your login credentials, they can use them to get access to your email account and look for anything worth stealing.

BUT IT GETS WORSE

The bad guys have taken things to the next level, using the Coronavirus to infect computers with Malware!

Emails impersonating the CDC include attachments to click on that proclaim the need for the reader to open it to get advice on how to protect yourself. If you open this attachment, it will download Malware or Ransomware onto your computer.

Ransomware locks out all of your computer files and demands a ransom payment to unlock your files. I have written more extensively about Ransomware in a prior article that you can read here.

Just remember that health agencies are NOT sending out mass emails about Coronavirus. There are plenty of legitimate news websites and the CDC website, CDC.gov  itself with important updates and everything you need to know about the Coronavirus outbreak.

How to protect yourself from coronavirus scams

You need to be skeptical of any email that asks you to click on a link or open an attachment — even when the email seems legitimate.

In most cases, you can probably get the information you need by typing in the URL yourself. For the latest on the Coronavirus outbreak go directly to the CDC website.

TIPS TO PROTECT YOURSELF:

  • Don’t be taken in by the sender’s name.Scammers can put any name they like in the “from” field.
  • Look out for spelling and grammatical errors.Not all crooks make mistakes, but many do. Take extra time to review messages for telltale signs that they’re fraudulent.
  • Check the URL before you type it in or click a link.If the website you land on doesn’t look right, steer clear. Do your own research and make your own choice about where to look.
  • Never enter data that a website shouldn’t be asking for. A site that’s open to the public, such as the CDC or WHO, will never ask for your login credentials.
  • If you realize you just revealed your password to impostors, change it as soon as possible.The crooks try to use stolen passwords immediately, so the sooner you change your password, the more likely you are to stop them for doing anything malicious.
  • Never use the same password on more than one site.Once crooks have a password, they’ll try it on every website where you might have an account, to see if they can get lucky.
  • Turn on two-factor authentication (2FA), if you can. Yes, it’s a slight inconvenience to enter a six-digit code when you want to log on, but it’s a huge barrier for the crooks. With 2FA, a stolen password, by itself, is useless to them.

Prevention, Symptoms and Treatment of COVID-19

There’s currently no vaccine to prevent COVID-19. The best way to prevent illness is to avoid being exposed to this virus. The CDC recommends preventive actions every day to help prevent the spread of respiratory diseases, including:

  • Avoid close contact with people who are sick.
  • Avoid touching your eyes, nose and mouth.
  • Stay home when you’re sick.
  • Cover your cough or sneeze with a tissue, then throw the tissue away.
  • Clean and disinfect frequently touched objects and surfaces using a regular household cleaning spray or wipe.
  • Follow CDC’s recommendations for using a face mask. (see below)
  • Wash your hands often with soap and water for at least 20 seconds, especially after going to the bathroom, before eating and after blowing your nose, coughing, or sneezing or being out in public.
  • If soap and water aren’t available, use an alcohol-based hand sanitizer with at least 60% alcohol. Always wash hands with soap and water if hands are visibly dirty.

MORE TIPS FROM THE CDC:

The CDC doesn’t recommend that people who are well wear a face mask to protect themselves from respiratory diseases, including COVID-19.

Face masks should ONLY be used by people who show symptoms of COVID-19 to help prevent the spread of the disease to others. The use of facemasks is also crucial for health workers and people who are taking care of someone in close settings.

Reported illnesses have ranged from mild symptoms to severe illness and death for COVID-19 cases, the CDC said. Symptoms may appear two to 14 days after exposure to the virus and include fever, cough and shortness of breath.

There’s no specific treatment recommended for COVID-19. People with COVID-19 should get care to help relieve symptoms. For severe cases, treatment should include care to support vital organ functions, the CDC said.

People who think they may have been exposed to COVID-19 should contact their healthcare provider immediately.

MALWARE – Malicious Software

You’ve probably heard the term Malware, but do you really know what it is and how it gets onto your devices?

Malware refers to malicious software that is unwittingly downloaded on your computer or other devices. Once downloaded, you will more-than-likely become a victim of identity theft.

Malware
My Malware Protection Recommendation

Malware Infections Happen in Several Ways: 

Links or Attachments in Emails & Text Messages: You may open an attachment or click on a link in a phishing email or text message. Fraudsters will include links with an urgent message to entice or require you to click on them. In other words, the message is crafted to convince you that there is a need for you to take action or suffer the consequences of your inaction.

Fake Websites: Scammers often create authentic-looking, but fake websites, to trick you into entering your personal information. You may think you’re purchasing merchandise at a great price, or applying for a job, or perhaps you clicked on an article that caught your interest. Oftentimes, you just landed on a fake website because you typed the website address incorrectly by misspelling it or clicked on the wrong website during an internet search.

E-cards: These electronic cards are a fun and inexpensive way to celebrate a special occasion or holiday. But e-cards can be dangerous if they do not originate from a well-known e-card website. If someone sends one of these to you and it originated from a fake website, you may download Malware instead of an e-card.

Scammers: The “Tech Support Scam” is a good example of how it’s done.  An imposter, claiming to be from Microsoft, contacts you. They manage to convince you that your computer is infected with a virus. Next they ask you to give them control of your device, so as to assist you with getting rid of the virus. Alternatively, the imposter may convince you to download a program from their fake website to help erase the virus. Just realize that whichever of these options you choose, you will instead, be actually infecting your computer with Malware.

Once Malware is installed – you have opened yourself up to identity theft.

The malicious program will allow a criminal to have access to all the files on your computer. If you have any files that have personal information, such as copies of your credit report, tax return, bank or financial statements, the criminal will then be able to view all of these files.

Additionally, all the email addresses of those in your contact list will be readily available to exploit. The criminal will use the Malware program to send SPAM emails to everyone in your contact list – which will include tainted malicious links or attachments. Recipients of these SPAM emails, will think it is safe to open them, because the email came from you. As a result, everyone in your contact list can easily be infected with the same Malware.

Worst of all, the Malware program gives the criminal the ability to log (read) your keystrokes. This keystroke-logging program allows them to capture the pins, passwords, credit card or other personal information whenever you type them, via your keypad.

Moral of the story: 
  • NEVER click on links or open attachments in email or text messages.
  • Be wary of emails containing links or attachments even IF they appear to come from someone you know.
  • Type all website addresses very carefully.  Take notice how easy it is to misspell a web address or add or miss a letter. For example: ammazon.com or amzon.com or amazon.cm
  • Be careful what you click on when browsing the internet, including Ads, surveys or discount coupons – even on legitimate websites.
  • Don’t open e-cards unless you’re sure it’s legitimate. Do not open it if the sender is unknown to you.
  • Never give control of your computer to anyone you don’t know or trust.

FBI Warns of Router Vulnerabilities

Router Vulnerabilities

The FBI is sounding the alarm and giving an official warning about router vulnerabilities. Apparently, foreign hackers are using a type of malware called “VPN-Filter” to target routers around the world. These router security vulnerabilities were present in many of the most popular router brands.

Your router is often one of the most overlooked of all your computer devices. Realize that hackers can and often do break in to a router, just as easily as any other device on your computer.

Router Vulnerabilitles
Check for updates every 90 days

 

SO WHAT IS A ROUTER ANYWAY?

A router is defined as a hardware networking device that routes data from one computer network connection to another, on the internet. It performs traffic directing functions that allow authorized machines to connect to other computer systems. They are in essence electronic devices that join multiple computer networks together.

If your router becomes compromised, the security of all the devices that utilize that router, are in jeopardy. Once infected, Malware causes the router to block all network communications, thus rendering your router inoperable.

ADVICE FROM THE F.B.I.

According to the FBI, this Malware is difficult to detect and defend against. Therefore, the FBI is recommending that owners of home offices and small office routers should immediately reboot their routers. By doing so, it can disrupt this newly discovered Malware. The FBI is also recommending that, if you have not already done so, immediately change the “default” password and choose a new strong and long password.

Lastly, the FBI is also advising everyone to upgrade to the latest version of their router’s firmware.  Unfortunately, the companies that produce routers don’t automatically notify you when an update is available. So, it is up to you to look for them and download them yourself.

In order to do so, you need to use your internet browser to log into your router, using your router’s IP address. By default, most router manufacturers use 192.168.0.1 or 192.168.1.1 as the IP address.

Alternatively, using Windows 10 you can find your IP address by going to your Settings and choose the Network and Internet icon. Next choose Ethernet and click on your network. Then scroll down to Properties to find it.

It is recommended that you check for updates every 90 days. Below are the links to more information for updating the most popular brands of routers.

Apple:   https://support.apple.com/en-us/HT201519

Asus:  https://www.asus.com/microsite/2014/networks/routerfirmware_update/

D-Link:  http://support.dlink.com/

Linksys:  https://www.linksys.com/us/support-article?articleNum=135561

Netgear https://kb.netgear.com/23442/How-do-I-update-my-NETGEAR-router-firmware-using-the-Check-button-in-the-router-s-web-interface

SCAN YOUR ROUTER FOR ANY BREAK-INS

Using the link below will enable you to check your router for any break-ins.  It is a safe and free service that is specially designed to scan your router to make sure there are no hackers lurking in your router.

Here is the link:

https://www.f-secure.com/en_US/web/home_us/router-checker

Just click the “Check Your Router” icon and you’ll receive an instantaneous report.

TECH SUPPORT SCAM EVOLVES

Here’s the low down on the Tech Support Scam

In a nutshell, the tech support scam aims to freeze your computer or internet browser in order to trick users into calling tech support scammers. These scammers then try to steal your personal data by either scaring you into providing your credit card info – to fix the problem; OR even worse, letting them have access to your computer.

First of all, Microsoft, Apple or any other legitimate company would NOT contact you to tell you that your computer has a virus. Secondly, it’s never wise to trust a total stranger, who asks for your personal info or requests access to your computer. If your computer appears to be problematic, it’s always best to have a legitimate company or someone you know and trust to troubleshoot the problem.

In the tech support scam, the scammer will try to convince you that your computer is infected with a virus by offering you to visit their website and do a virus scan. The result of that phony virus scan will always show that your computer is infected. This is part of the ruse to convince you that there’s a problem. As a result, you are more willing to cough up your credit card information or allow them computer access. Many times, if you just restart your computer, the problem will go away on its own (especially if you clicked on a popup).

Tech Support Scam

 

BEWARE OF A NEW TWIST TO THE ORIGINAL TECH SUPPORT SCAM!

Now there’s a new way these con artists are pulling off this tech support scam that is even more convincing! It infects your internet browser, whether it be Google Chrome, Firefox or Brave.  While browsing on the internet, your computer suddenly locks up for no apparent reason. An error message appears on your screen, which has hidden malicious coding (Malware). This Malware is the reason your browser locked up in the first place.

The resulting error message has a phone number for you to call. When you call the number provided in the error message, the imposter poses as a technology firm representative. The imposter proceeds to convince you to provide personal & financial information, so they can fix your computer. Do NOT fall for this scam and do not ever give them access to your computer!

I use and recommend a wonderful company called Malwarebytes to help protect my computer from Malware. According to Malwarebytes’ leading intelligence analyst, Jerome Segura, the bug in the error message renders your browser “unresponsive” and makes your windows operating system “unstable”. When the browser is locked by the malicious code, hidden in the’ fake’ warning, the message then attempts to deceive you into calling them to fix the problem.

The warning message you get on your computer will look legitimate and is designed to make you feel helpless to remedy the problem yourself. The idea behind this scam is to render your browser so unstable – that you panic and decide that you have no other choice but to seek their support.

SCAM EASILY BLOCKED –  HERE’S WHAT TO DO

If you use Google Chrome, you can block this scam by pressing CTRL-ALT-DELETE simultaneously and selecting end-task. This will terminate the browser. For Mac users, the best solution would be to “force-quit” the browser.  Unfortunately, I am unable to tell you how to fix this on any of the other browsers. If you use a different browser, then you should look a solution to this scam by doing further research.

Just always remember that legitimate firms like Microsoft or Apple would never call you or send ‘unsolicited’ emails asking for personal information. Additionally, they would never freeze your browser and then ask you to provide sensitive data.

Lastly, always be wary of ‘popup’ messages. They are usually traps for the Tech Support Scam, as well as other types of scams. So, avoid the urge to click on them. Use your browser settings to block Ads and Pop-ups. On Chrome, go to Settings and scroll down to the bottom and choose Advanced. Next scroll down the list and choose “Content Settings”. Be sure Ads and Popups are blocked.

Here is the link to the Malwarebytes Blog if you want to read more about this and see graphics of what your computer screen would look like during this new twist to the old tech support scam: https://blog.malwarebytes.com/malwarebytes-news/2018/02/tech-support-scammers-find-new-way-jam-google-chrome/

P.S.: Malwarebytes users are already protected against this redirection mechanism used in this type of attack. It’s just another reason to check out this great company. I have been very happy with their service. In this day and age of ever-evolving scams, it’s important to gain as much help, knowledge and awareness as possible.

 

 

 

PHISHING EMAILS – You’re the Fish

When it comes to Phishing Emails – You’re the Fish!

It’s always Phishing Season for Fraudsters. Phishing attacks use emails and sometimes text messages or malicious websites to get information from their victims. The ruse is an attempt to lure you, under the pretense of a problem or an emergency, to click on a link or open an attachment. There is usually a circumstance that is presented to you that requires your attention and your follow-thru, in order to resolve an immediate problem or issue. The emails claim that there will be dire consequences if you ignore the message.

Phishing Emails
DON’T CLICK ON LINKS!

Phishing emails often have the look and feel of authentic communications. Company logos are easily cloned and used in fake phishing emails. Inconsistent or incorrect spelling and grammar are also a tell-tale sign of phishing emails.

Most legitimate emails from businesses would include your name and/or the last few digits of your account number. An email from a friend or family member should be personal in nature. These targeted messages can trick even the most cautious person into doing something that may compromise them. Even if the email is from a known source, people should use caution, because Cybercriminals are very good at mimicking trusted businesses, or even friends and family.

Phishing Emails are Designed to Infect a Victim’s Computer with Malware.

You want to avoid getting Malware installed on your computer.  Infections can result in your downloading keystroke-logging software that enables a scammer to steal information from you as you type passwords or account numbers on a website.

Malware also gives the cybercriminal the ability to use the email addresses of everyone in your email program to spread SPAM to all of them. Your friends and family may be fooled into believing the SPAM email is safe (because it’s from you); and will therefore click on a tainted link or infected attachment in the email.

TIPS and ADVICE

  • Never click on links or open/download attachments – unless you are 110% sure AND have confirmed that they are legitimate.
  • If you receive what appears to be a phishing email or text, always go directly to the source (not the info in an email) to confirm that this is not a scam.
  • Hover you mouse over the sender’s address. You may see that the email address is not consistent with the name of the company or it may be a long string of numbers and symbols that don’t make sense.
  • If calling a business to confirm the email’s legitimacy, be sure to call the correct phone number. In some instances, fraudsters will purchase phone numbers that are only one digit off from those of a legitimate company. These fake (usually toll-free numbers) are an effort to trap people who may mistakenly dial an incorrect number or area code of a bank, credit card issuer, or other legitimate organization.
  • Suspicious emails should be reported to the Federal Trade Commission (FTC) by forwarding the email to spam@uce.gov.  Be sure to report it to the legitimate organization that the email pretends to originate from. You can also report it to your email provider. Once you’ve done that, you should always delete the tainted email from your computer.

EQUIFAX BREACH EXTREMELY DAMAGING

Why is the Equifax breach extremely damaging? Because the typical information required to prove your identity is now in the hands of the bad guys!

YOU CANNOT HIDE YOUR HEAD IN THE SAND AND THINK YOU’LL BE IMMUNE! 

An identity thief will go to great lengths to dig up your personal identifying information (PII) so they can impersonate you and then commit ID theft. This Equifax breach has already completed that part of the job for them.

Remember that 145.5 million Americans (over ½ the U.S. population) have had their PII stolen! Your information will likely be auctioned off on underground websites to opportunistic criminals, across the planet. Armed with your PII, a criminal can do a lot of damage to your identity, your good name and your financial records!

equifax breach extremely damaging
ARE YOU ANGRY YET??? YOU SHOULD BE!!!

How is the Equifax breach extremely damaging? Let’s count the ways… 

  1. Pretexting – Criminals will use your PII to convince your bank, credit card company, utility or phone service to make changes to your accounts. Your PII gives them the ability to change your email address, PINS, passwords, direct deposit info, phone # and home address. They’ll even change the answers to your secret questions – all in their quest to gain access to private information or to lock you out of your own
  2. Tax ID Theft: File fake tax returns to get large refunds.
  3. Credit Fraud: Open new lines of credit in your name (personal loans, auto loans, mortgages, new credit cards).
  4. Counterfeiting: Create fake ID’s like driver’s licenses, passports, insurance cards, etc.
  5. Criminal ID Theft: Use your ID to give to police if they get arrested.
  6. Medical ID Theft: Create medical insurance cards to get medical services or commit insurance fraud.
  7. Employment ID Theft: Use your PII to get a job and collect a paycheck.
  8. Financial ID Theft: Open bank accounts in your name and pass around bad checks.
  9. Malware/SPAM: Infect your devices with Malware by sending SPAM emails or texts, purported to be from Equifax. SPAM emails and texts are designed to lure you to click on links or open attachments that infect your devices and turn them into ‘bots’.
  10. Spoofing/Phishing: Imposter phone calls from Equifax employees or clickable links that lure you onto a fake Equifax website. Offers of free credit monitoring services or class action lawsuits, designed to phish for additional info, like your credit card number

YOU MUST LEARN WHAT TO DO TO PROTECT YOURSELF! YOU MUST BE PRO-ACTIVE AND EVER VIGILANT!  AND PLEASE – PASS IT ON…

READ MY PREVIOUS EQUIFAX BREACH ARTICLE TO LEARN WHAT YOU NEED TO DO.