As the novel Coronavirus or Covid-19 spreads across the globe with increasingly stringent measures being put into place in an attempt to contain the virus, we have some 300 million children and students across the globe being kept home from school. Italy is on lockdown, millions of people are working from home, some 59 schools and universities including Harvard in the US are sending students home and holding classes remotely. Google has announced that all employees in North America work from home. The Internet is becoming more critical in the continuity of business, education and communication. Life is changing and interaction will be online for the most part, we don’t know for how long or how serious this is going to get. What we do know, however, is that malicious hackers are already taking advantage of this new reality. Scams designed to exploit our fear abound and we need to ensure that we are protecting ourselves from these as much as we are taking precautions not to become infected with the Coronavirus.
There are a number of phishing attempts that are using the fear created by this pandemic to plant malware on your computer.
Many people have received an email recently promising information on the virus. Specifically, the email promises to provide recipients with information that will protect them from the virus. This email is accompanied by an attachment CoronaVirusSafetyMeasures_pdf. The mail goes on to encourage recipients to download a “censorship-free” file-sharing service.
According to BleepingComputer:
“The malware will also gain persistence on the infected device by adding a Startup Registry key at HKCUSoftwareMicrosoftWindowsCurrentVersionRunOnce which allows it to restart itself after the computer is restarted”
This download further installs two executable files in the:Users<username>Subfolder ” system directory on the victim’s computer. A VBScript is then the launching point to run the executables, including those for the Remcos Rat dropper, this malware is sophisticated and designed to avoid detection from standard firewall protection. Once the malware has installed itself it goes about logging your every keystroke.
The CoronaVirus may not be a cyber virus but the impact of the pandemic, such as the closures of business, working from home, cutting of staff and budgets will without question result in a number of new cyber attacks.
The World Health Organisation has recognised this threat and provided a list of things to watch out for. There have already been phishing schemes launched that look as though they are sent from the WHO and ask for sensitive information. These are an attempt by hackers to get your personal information.
On March 6, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) released an alert warning people that phishing emails and new websites aimed at preying on our fear of the virus are running rampant and people should be very careful of scams.
So how to protect yourself against these cyber threats?
LucidView’s Enforcer Content Filter and its constantly roaming AI will automatically add the websites that are not what they claim, to the “Risk” category and the site will be blocked before it has any chance to impact your security. Additionally, if an email sends you to a site where malware is waiting to be downloaded, you will find that site blocked as it will have been classified as “Risk”.
The CoronaVirus is an unprecedented event, it is likely to have far reaching consequences, we at LucidView will continue to ensure that your Internet is effectively content filtered and only Clean Internet™ is delivered.
The LucidView Enforcer Content Filter and Reporting engine is 100% free, if you haven’t yet taken advantage of this opportunity there is no better time than now! Take the same precautions with your online health as you do with your physical health.