Covid-19 has changed our daily lifestyle: people are working from home and spending more time on the internet than ever before. Needless to say, every one of us is anxious and scared about the situation and frequently checks various Covid-19 online links to get updates. This is a golden opportunity for hackers to target individuals and companies and make money. Some recently published reports show that since Feb 2020 thousands of new domain names have been created with keywords such as Corona, COVID, Pandemic, Virus, WHO, Vaccine and so on, and most of them are likely to be used to spread malicious activity.
Before getting to online vulnerabilities, let’s understand that most of us (i) use Windows operating systems, (ii) can be easily persuaded and (iii) have no security systems on our computers or mobile phones.
Phishing Attack: The most common type of fraud. It uses fake login pages, fake COVID domain names and fake job offers to defraud people. Fraudsters use popular topics to infringe companies’ trademarks or steal sensitive customer information. Some examples are:
- Phishing emails from “email@example.com” or with the subject line “COVID-19 Testing” (recent SBI fraud in India) or
- India-covid19.com (any fake domain names)
- Phishing emails from ‘firstname.lastname@example.org’ instead of ‘email@example.com’ or
- www.facebo0k-login.com (fake login pages)
- Phishing attacks differ depending on the type of victim (individual, corporation, a big fish like a CFO, etc.): Spear Phishing, Smishing, Whaling or Pharming.
Pharming Attack: It starts with fake web links or forged Play Store apps; when you click on them, malicious code is injected into your computer to poison your DNS server. Your DNS name is your identity, and it contains the private IP to public IP mappings and vice versa. So the next time you log in, your legitimate online banking link might land you on the hacker’s fake webpage because of false entries in your DNS cache.
SMS Forging or Smishing Attack: Now that there are many more gateways between IP networks and SMS networks, hackers can send SMS links from the Internet using mobile operators’ forms. For example, they use a “COVID Donation link”, “Free COVID Insurance link” or “Free Netflix Subscription link” to lure people.
Covid-19 Donation Fraud: Recently the Govt. of India announced the “PM-CARES relief funds” for donations to fight the economic recession; however, according to reports, thousands of fraudulent portals and fake UPI IDs related to coronavirus were created to siphon off the donation money. For example, the correct UPI ID of PMCaresFunds is pmcares@sbi, but many fake IDs such as pmcare@sbi were created within the very next hour and were eventually blocked.
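The near-miss identifiers mentioned above (pmcare@sbi for pmcares@sbi, www.facebo0k-login.com for a Facebook login page) can be caught mechanically before a payment or login. The following is an added example, not part of the original article: it compares an identifier against an allow-list using digit-for-letter folding and edit distance. The allow-list contents (including facebook.com), the `classify` function and the substitution table are assumptions made for illustration.

```python
# Added example: flag identifiers that imitate a trusted UPI ID or domain.
TRUSTED = {"pmcares@sbi", "facebook.com"}  # assumed allow-list for this demo

# Digit-for-letter swaps often seen in lookalikes (constructed, not exhaustive).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def classify(candidate: str, trusted=TRUSTED, max_dist: int = 2) -> str:
    """Return 'trusted', 'lookalike of <id>' or 'unknown'."""
    c = candidate.strip().lower()
    # Exact match, or a real subdomain of a trusted domain (www.facebook.com).
    if c in trusted or any("@" not in t and c.endswith("." + t) for t in trusted):
        return "trusted"
    folded = c.translate(HOMOGLYPHS)  # facebo0k -> facebook
    for t in sorted(trusted):
        brand = t.split("@")[0].split(".")[0]  # 'pmcares', 'facebook'
        # Near miss (dropped or swapped character) or brand name embedded
        # in a longer, unrelated identifier.
        if edit_distance(folded, t) <= max_dist or brand in folded:
            return f"lookalike of {t}"
    return "unknown"


if __name__ == "__main__":
    # Sample identifiers taken from the article plus one constructed subdomain.
    for ident in ["pmcares@sbi", "pmcare@sbi", "www.facebo0k-login.com",
                  "www.facebook.com", "india-covid19.com"]:
        print(f"{ident:26} -> {classify(ident)}")
```

An "unknown" result only means the identifier does not resemble anything on the allow-list; it says nothing about whether it is safe.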
Simple Bootup hijack (Back Orifice 2000): Pertinent for people who are now working from home and have to share their Windows desktop, sometimes giving away system control. When an unattended PC is available like this, running some simple code in the system directory gives complete control of the victim’s PC: keystrokes, screen, etc. It is very dangerous since it operates silently on the victim’s computer and is undetectable to any antivirus running on it.
Tab Nabbing Attack – When the victim opens multiple tabs on their PC, the attacker uses sophisticated cross-site scripting, a browser extension or Flash widgets (showing Covid-19 updates) to get access to the victim’s open tabs. The victim’s open online banking page, trading platforms or corporate pages can then easily be compromised.
Bruteforce Attack – It’s an attempt to guess a password or encryption key by systematically checking every possible option. For example, ‘Facebook brute’, ‘Twitter brute’ and other eCommerce brute viruses try to steal your password; that’s why passwords are given a limited number of tries before the account locks. Unfortunately, most people don’t change their default/first password.
How to Protect yourself – Tips and Recommendations:
Follow Govt. approved Webpages, Mobile App
- Strictly follow Govt. webpages, approved Apps for Covid-19 news and updates
- Be careful about the sites you visit: try to avoid ‘http://’ pages, always visit ‘https://’ pages
- Avoid webpages with unfamiliar fonts, colors or spelling errors
- Try to use office/corporate computers for online banking and money transfers, as they provide end-point protection against malware and external threats
- Double-check the UPI Id, validate the bank/ merchant name before payment
- It’s better to avoid untrusted Covid-19 links, forwarded messages, any job offers on WhatsApp or SMS
- Be careful about KYC SMS links, don’t share until you verify the link
- Discard emails from unknown persons or unfamiliar addresses
- Avoid emails containing untrusted attachments – just delete or report phishing.
- For your info, phishing emails generally contain offers like prizes, lotteries, jobs, freebies, etc.
Before you Accept/ Click
- Don’t click on online widgets, flash images or pop-ups while browsing a webpage
- Don’t Accept cookies from untrusted webpages, click ‘x’ and close
- It’s mandatory to install authentic antivirus, security apps & update them regularly
- Use WPA2 encryption for your home WiFi router
- Don’t use pirated software, movie download sites, adult sites, untrusted eCommerce platforms
- Periodically scan all files (incl. zipped and hidden ones) on your PC, tablet and phone
- Check if any site has your default password – if so change it
- Change your password for online banking, eCommerce sites and trading platforms every 2-3 months
- Try to avoid free WiFi in places like airports, coffee shops or railway platforms, and never log in to your online banking page or make any financial transactions over it