Reminder: The US government isn't going to text you about COVID-19 payments
The US and UK governments have issued a new alert, warning users to avoid clicking any suspicious email or text message links related to government relief funds.
The alert, titled "COVID-19 Exploited by Malicious Cyber Actors" highlights the many ways the coronavirus pandemic is being exploited by bad actors. It was released as a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom's National Cyber Security Centre (NCSC).
According to the announcement, government security agencies are seeing an influx of COVID-19 related scams, put out by advanced persistent threat (APT) groups and cybercriminals. Like many scams, the perpetrators rely on both fear and trust to trick their targets.
The most common of these scams are phishing scams. A malicious party pretends to be from a reputable organization -- such as the government or the victim's bank -- and sends them an email or text message. The message will often state that a victim's account needs to be verified or that they need to provide additional information through a provided link. The information can then be used to log into the account in question.
New malware is also being distributed, using coronavirus or COVID-19 themed lures. By installing malware onto a victims computer, a cybercriminal can monitor the user's activity and siphon login data from sensitive sites, such as credit card and bank websites. Malware often masquerades as attachments in emails or files shared on social media.
An example of an Italy-based malware scam, designed to install a keylogger onto a user's computer
"NCSC has observed various email messages that deploy the "Agent Tesla" keylogger malware. The email appears to be sent from Dr. Tedros Adhanom Ghebreyesus, Director-General of WHO," reads the alert. "This email campaign began on Thursday, March 19, 2020. Another similar campaign offers thermometers and face masks to fight the epidemic. The email purports to attach images of these medical products but instead contains a loader for Agent Tesla."
Lastly, the announcement reminds people to be safe when using virtual private networks (VPNs) and video conferencing software. There are known vulnerabilities affecting VPN products from Pulse Secure, Fortinet, and Palo Alto. There are known scams related to video conferencing software released by both Zoom and Microsoft Teams.
It is essential to realize that the government -- whether in the U.S. or U.K. -- is not going to send out any information via text or email that will result in getting a relief payment. While many tech-savvy folks already know this, it may be a good time to refresh less tech-savvy people on how to keep themselves safe from scams.
The alert, titled "COVID-19 Exploited by Malicious Cyber Actors" highlights the many ways the coronavirus pandemic is being exploited by bad actors. It was released as a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom's National Cyber Security Centre (NCSC).
According to the announcement, government security agencies are seeing an influx of COVID-19 related scams, put out by advanced persistent threat (APT) groups and cybercriminals. Like many scams, the perpetrators rely on both fear and trust to trick their targets.
The most common of these scams are phishing scams. A malicious party pretends to be from a reputable organization -- such as the government or the victim's bank -- and sends them an email or text message. The message will often state that a victim's account needs to be verified or that they need to provide additional information through a provided link. The information can then be used to log into the account in question.
New malware is also being distributed, using coronavirus or COVID-19 themed lures. By installing malware onto a victims computer, a cybercriminal can monitor the user's activity and siphon login data from sensitive sites, such as credit card and bank websites. Malware often masquerades as attachments in emails or files shared on social media.
An example of an Italy-based malware scam, designed to install a keylogger onto a user's computer
"NCSC has observed various email messages that deploy the "Agent Tesla" keylogger malware. The email appears to be sent from Dr. Tedros Adhanom Ghebreyesus, Director-General of WHO," reads the alert. "This email campaign began on Thursday, March 19, 2020. Another similar campaign offers thermometers and face masks to fight the epidemic. The email purports to attach images of these medical products but instead contains a loader for Agent Tesla."
Lastly, the announcement reminds people to be safe when using virtual private networks (VPNs) and video conferencing software. There are known vulnerabilities affecting VPN products from Pulse Secure, Fortinet, and Palo Alto. There are known scams related to video conferencing software released by both Zoom and Microsoft Teams.
It is essential to realize that the government -- whether in the U.S. or U.K. -- is not going to send out any information via text or email that will result in getting a relief payment. While many tech-savvy folks already know this, it may be a good time to refresh less tech-savvy people on how to keep themselves safe from scams.
Comments
Of course Covid-19 scammers are out in force because of all the fear and panic being instilled in the population by the news media with their announcements of the latest death tolls while sinister music plays in the background. They promise Facts Not Fear but are doing the exact opposite. Now the ‘experts’ appear to be backing off their apocalyptic predictions but what does really mean? Were they wrong in the first place or has the social distancing having an effect? It will be interesting in the coming months when investigative journalists dig into the facts and fictions of this episode.
What?
Steve Munchkin is not going to Venmo my money to me?
I don't really need it, so I have to figure out what kind of goodies I'm going to get with it. I don't need anything from Apple right now, so I'll have to come up with something else. I'm probably going to treat myself to something nice.
As for these scams, of course lowlife criminals and scammers are going to be taking advantage of the current situation, it's what they do. I don't disagree with Lkrupp, serial scammers should be sentenced to death. I have no problems with that. One single scammer can cause a lot of problems and headaches for a great many people. Scammers should be eliminated, just like we try to eliminate certain diseases.
I'm not worried about scams myself, as I can easily spot them from a mile away. Most scammers are very stupid people who aren't very intelligent and many can barely write in proper English. When you receive an email from a "major company" that's full of grammatical errors, that looks like it was written by a third world dunce, that would be a good tip off for most people who are paying attention. But I do sometimes get calls from relatives asking me about certain emails that they get, like an email from "Apple", asking them to reset their password. I tell them to not open the email, do not click on anything at all in the email, and just trash it immediately. I also love when I get emails from "Facebook", asking me to reset my password. I'm not even on Facebook. That's a slight give away.
Many people on this site are probably tech savvy, but the average person, including many of our family members and certain friends are not and I suppose that some of them are susceptible to being scammed.
The internet is no place for the uninformed and the naive.
"Everybody needs to remember: This is not a zombie apocalypse. It's not a mass extinction event."
https://www.wired.com/story/coronavirus-interview-larry-brilliant-smallpox-epidemiologist/
As for deaths, there's a global quarantine in place (97% of the US ordered), and even with that there has been a large spike of deaths from a highly contagious disease in a very short amount of time. 85,000 so far, a high mortality rate. But thankfully, distancing is working. As the CDC has explained, in the US they originally planned on 50% of the population to adhere to the stay-home order, but the actual number is surprisingly much higher. It's working.
You can explore the data here:
https://www.worldometers.info/coronavirus/
https://www.worldometers.info/coronavirus/coronavirus-age-sex-demographics/
....and there ya go.
All I have to do is delete them.
Why do they think the markets imploded (twice!) and unemployment has shot through the roof. Because we crashed the economy so it wouldn’t be as bad as it was going to be.