Cybercriminals often prey on people’s fears in order to carry out phishing attacks, as has been the case with the Coronavirus since its outbreak at beginning of the year. Security researchers have noted both an increase in the overall number of Coronavirus-themed attacks and a change in the format that these attacks take.
Initially they were targeted towards the shipping industry using concerns over the economic impact of the disease, but now this has expanded to tailored attacks against other industries, such as manufacturing, healthcare, energy, retail and transportation. Examples of these scams include claims that is a cure for the virus which users must enter credentials to access information on, and emails allegedly from a legitimate internal company source to all employees with a malicious link or attachment attached. These emails are designed to make the user click on a link that will then steal login credentials through a fake website, or open an attachment containing malware.
Malware used in these attacks has been found to log keystrokes in order to steal financial account information or allow hackers to take control of the system that has been compromised. It is recommended to exercise extra caution when receiving emails about the Coronavirus and avoid clicking on any links or attachments contained in them.