Malware, spam, phishing scams and malicious websites are among the strategies used by hackers

* By Paul Pajares

What did the pandemic teach us about the digital world and cyber threats? Covid-19 caused a greater dependence on technology and accelerated the digitization of many companies. The need to reduce social contact, in order to combat the proliferation of the virus that causes the disease, forced even public services to adapt quickly to the Internet, and even increased telemedicine consultations. Digital banks also proliferated and the routine visit to shopping malls was replaced by online shopping.

However, as digital transactions became more present in our daily lives, several threats emerged. The more intense use of the internet has increased users' confidence in the platforms, making them easy targets for cybercriminals, who create very convincing replicas of e-mails, websites and even applications.

Another phenomenon identified was the increase in fake news, which was already a problem before the pandemic. Disinformation grew and hackers started using Covid-19 and terms related to the disease, such as vaccines, as bait for their scams.

Now that vaccines are in the spotlight - with more than 1 billion doses administered in hundreds of countries - the number of attacks using the theme has increased. Earlier this year, Interpol issued yet another global warning about the use of the new coronavirus pandemic as bait for digital scams. This includes online and offline criminal activities for illegal advertising, sale, administration and theft of such vaccines. Recently, a fake vaccine distribution network was dismantled.

Since the first quarter of 2020, we have detected a wave of attacks associated with the Covid-19 vaccine. Among the main registered malware are: Emotet, Fareit, Agent Tesla and Remcos, operating in different countries in America and Europe. The industries most affected are healthcare, manufacturing, banking and transportation. In several cases, email senders pretended to be from the World Health Organization (WHO) and used the names of doctors.

In addition to Emotet and Fareit, other types of malware have been used to spread threats related to the Covid-19 vaccine. Among them are Trojan horses such as Lokibot, Agent Tesla and Formbook, and other Remote Access Trojans (RATs), which provide administrator controls and generally have features for uploading and downloading files, such as Remcos and Nanocore, as well as Android malware such as Anubis.

In October, a ransomware variant was spread through fake Covid-19 research. The phishing email contained an attachment presented as a survey for university students and professors in Canada. Telemetry also revealed the action of this malware, with more than a thousand detections, in Portugal, the United States and Israel.

And in November, the Zebocry malware reportedly impersonated the pharmaceutical company Sinopharm, which produces Covid-19 vaccines. The attackers' strategy was to send a Virtual Hard Disk (VHD) containing two files: a PDF of Sinopharm's presentation slides and an executable that passed itself off as a Microsoft Word document. The Backdoor Remcos ransomware, on the other hand, was disguised as a file that supposedly contained details about the Covid-19 vaccine. Agent Tesla, in turn, came in a file that discussed the effectiveness of the tests, possible vaccines and curing the disease.

Recently, a phishing campaign circulated under the name of the United Kingdom's National Health Service (NHS). The email persuaded the user to confirm the call for vaccination. If the "accept" or "disregard" button was clicked, the email would redirect the user to a page that displayed a form asking for the user's full name, date of birth, address and cell phone number.
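As an added illustration (not code from the article or from Trend Micro), the lure described above, a disk image carrying an executable presented as a document, is a mismatch a mail filter can test for by comparing a file's claimed extension with its leading bytes. The function names, finding labels, file names and sample bytes are constructed for this example.

```python
import struct

DOC_EXTS = {".doc", ".docx", ".rtf", ".pdf"}   # what a lure claims to be
EXEC_EXTS = {".exe", ".scr", ".com"}           # what actually runs

def sniff(data):
    """Identify content from magic bytes, ignoring the file name."""
    if data[:2] == b"MZ" and len(data) >= 0x40:
        (pe_off,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew field
        if data[pe_off:pe_off + 4] == b"PE\0\0":
            return "pe"
    if data[:5] == b"%PDF-":
        return "pdf"
    # VHD footer cookie: last 512 bytes, copied to offset 0 in dynamic disks
    if data[-512:-504] == b"conectix" or data[:8] == b"conectix":
        return "vhd"
    return "unknown"

def triage(name, data):
    """Return finding labels (hypothetical names) for one attachment."""
    kind = sniff(data)
    parts = name.lower().rstrip(". ").split(".")
    ext = "." + parts[-1] if len(parts) > 1 else ""
    findings = []
    if kind == "vhd" or ext == ".vhd":
        findings.append("disk-image")          # inspect the files inside it
    if kind == "pe" and ext in DOC_EXTS:
        findings.append("exe-as-document")     # content contradicts the name
    if len(parts) >= 3 and "." + parts[-2] in DOC_EXTS and ext in EXEC_EXTS:
        findings.append("double-extension")    # e.g. details.doc.exe
    return findings

def make_pe():  # constructed minimal PE header, just enough for sniff()
    hdr = bytearray(0x44)
    hdr[0:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)
    hdr[0x40:0x44] = b"PE\0\0"
    return bytes(hdr)

SAMPLES = {                                    # constructed test inputs
    "slides.pdf": b"%PDF-1.7\n",
    "details.doc.exe": make_pe(),
    "details.docx": make_pe(),
    "attachment.vhd": b"\0" * 1024 + b"conectix" + b"\0" * 504,
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(name, sniff(data), triage(name, data))
```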

These are just some of the scams related to the Covid-19 vaccine that are circulating on the network. They range from the distribution of vaccination cards and scheduling doses to consultations and sales of the vaccine, among others.

Some criminals also use SMS in their fraudulent campaigns. A scammer who pretended to be from a pharmaceutical company sent messages inviting the recipient to get vaccinated. He then provided a contact number for registration. He will probably ask for money when contacted.

Covid-19 vaccine-related scams are spreading across social media. With the current health crisis, it is understandable that people are looking for alternatives to buy a vaccine. But it is important to point out that fake vaccines can have negative repercussions on health, even if the scammers deliver any of the promised products after receiving payment.

Governments and legal bodies in different countries continually advise the community to beware of such scams. For users, the tip is not to click on links or download attachments that come in emails from unknown sources. In addition, the ideal is to keep security systems such as antivirus and firewalls always active and up to date, as well as applications and other software used on a daily basis.

Bear in mind that systems, mainly those of companies, can also be protected by a multilayered security approach focused on endpoints, e-mails, the web and networks. Below are some tips to avoid online scams:

  • Think before you click. Avoid forwarding or sharing messages and posts without checking them first (use search engines and reliable or official news sites).
  • Watch out for fake or malicious emails, websites and apps. Some signs that should arouse suspicion are: spelling and grammatical errors, incorrect names and logos of known institutions. If you're not sure, check with other sources, such as the company's official social media sites and contact information.
  • Participate in and/or promote cybersecurity training. Increased awareness and knowledge about online scams and other types of misinformation can help to identify these scams.

And remember, the more technological the business and the more user data it incorporates, the more value it will have for attackers. Therefore, it is necessary to place cybersecurity at the highest point of the podium.

* Paul Pajares is a Cyber Threat Researcher at Trend Micro and frequently participates in Interpol training.

Notice: The opinion presented in this article is the responsibility of its author and not of ABES - Brazilian Association of Software Companies