As coronavirus continues to spread across the globe sickening thousands of people in its wake, a malicious strain of software is seeking to take advantage of people’s fears.
Researchers with IBM X-Force and Kaspersky have discovered that hackers are sending spam emails to people in the hopes of infecting smartphones and computers with malicious software.
The malware is disguised as legitimate information about coronavirus.
The emails sent to people in Japan claim that the respiratory illness has infiltrated the country, and urge the receiver to open an email attachment to learn more information. If the receiver opens the file, malicious software harvests personal data and can inject other inflammatory software.
That means hackers can gain access to your personal files and copy them.
“We have observed several instances of such exploitations in the past and now detected a recent wave, motivated by the outbreak of the coronavirus in China,” cybersecurity researchers at IBM said in the report, adding that this approach may be more successful due to fear of infection surrounding coronavirus.
Hackers often use current events and compelling verbiage to get people to open emails, download attachments or tap links. Since coronavirus is a hot topic, it’s no surprise that bad actors would use the widespread illness to prey on people’s fears, experts say.
“Hackers will use whatever is timely to get victims to do the action required,” said Marty Puranik, a cybersecurity expert and CEO of Atlantic.Net, which instructs people on how to avoid getting their information compromised.
Hackers also track the open and install rates of their various malware campaigns, so they can scale and reproduce the scams that perform the best for them, Puranik added.
IBM’s report focuses primarily on Japan, though there could be an uptick in malicious coronavirus-related scam emails elsewhere too.
“We expect to see more malicious email traffic based on the coronavirus in the future, as the infection spreads,” IBM said in the report. “This will probably include other languages too.”
Hackers get savvier over time. However, there are things you can do to thwart coronavirus-related attacks and other hacking attempts.
Always exercise caution. Don’t open sketchy links sent to you via text or email. Don’t answer suspicious phone calls, and don’t download attachments that you didn’t ask for.
“If you want to learn more about coronavirus, you can search Google and find a safe site that can advise you on the matter,” Puranik said.
Be sure to only install official updates. In 2019, millions of Android phones were reportedly infected with malware through a fake app disguised as that of a phone manufacturer’s.
Use secure passwords. Amazon’s Ring security cameras were hacked, and short, easy-to-guess passwords may have been the reason why. Two-factor authentication is always a good idea.
Run antivirus software on your smartphone. These apps protect your device from viruses and other malware, and premium services lock down your privacy settings and scan apps and files for security threats. – USA Today/Tribune News Service