00:00

CovidHackersV5.dfxp So, these are scary times but unfortunately there's more to worry about than just a global pandemic. New warning from the FBI about coronavirus scams. Scams related to the coronavirus. Stealing sensitive personal information. It could infect your computer. Any time there's a global event, hackers like to weaponize it. So whether it's the Olympics or an election or a global pandemic, hackers are trying to leverage whatever the situation is against users. I have an old email address with a pretty good spam filter and it's just inundated with spam mail claiming to be everything from the World Health Organization to COVID-19 vaccines. Now I'm not gonna take the bait but believe it or not, a lot of people will. It is working that is why hackers and criminal attackers continue to use it. Now I don't need to tell you. Well, maybe I should. Don't click a link, don't open attachments. Just delete it. But for many, that's easier said than done. Phishing emails have quadrupled since the coronavirus outbreak. It's gotten so bad that both the U.S. and the U.K. Have issued joint warnings about the schemes. So why have all these phishing schemes pivoted to coronavirus practically overnight? So a successful phishing campaign, it has to be interesting and it has to sort of look reliable. On one hand, they want this email to look like something you're gonna get anyway but they also want it to grab people's attention to say Oh I need to click on this urgently and the coronavirus stuff really fits both of those things. People are getting an incredible amount of email about it but it's also a place where people have a lot of hunger for new information. But there's one ingredient that COVID-19 pandemic offers hackers that say a Nigerian prince never could. Fear. It is scary. Millions who are scared right now. I am just afraid of this week. The idea behind these schemes is that in times of crisis or uncertainty or fear, people just let their guards down. So in cases where you know something is promised, maybe people are distracted and not as focused on who might be sending something. Or in cases where a hacker is promising information, when we're scared, we might be more likely to click on it without thinking twice about who it might be coming from. On top of the fear-based COVID-19 schemes, hackers have seized on one of their tried and true lures, money. The prospect of a payout from the two trillion dollars stimulus package in the U.S. comes with the subject line saying COVID-19 payment. Again, delete it. So it's important to understand who these hackers are and despite all the stock footage ever made about hackers, they're not necessarily some shady dude in a hoodie. These are folks that aren't out to sort of make a quick buck. Some of these groups can make hundreds of millions of dollars in a year and sort of have the investments to sort of use that money to reinvest in sort of grow big capabilities. Cybersecurity data suggests that many of these hacking operations are backed by major nation states. So we've seen multiple state-sponsored cyber espionage actors who use coronavirus as a lure. We've seen North Korea, China and Russia all employ it to try to compromise their victims. And it doesn't stop at spam mail. Fake social media accounts are spreading disinformation about the coronavirus that back the interest of countries like China and Russia. According to the U.S. State Department, Russia has put forth its entire disinformation apparatus to spread disinformation about the coronavirus pandemic. So this includes websites, conventional media and also they stay swarms of bots on social media platforms that are doing the work of amplifying or spreading messages that are false related to the pandemic Russia's motivation is to sow discord and distrust and are leveraging the pandemic to create a lot of fear and uncertainty and make people doubt healthcare institutions. Just because the 2016 election came to an end doesn't mean that disinformation campaigns from nation state actors and criminal actors didn't come to an end. So we are seeing bot nets from Russia, from Iran, from China, perfectly willing and capable of creating chaos through misinformation. And unfortunately, it kind of gets worse because hospitals and medical institutions are a favorite target for hackers. What they will do is hit a target with ransomware which is an attack that uses malware to encrypt or lock down data belonging to an organization. And they'll charge a ransom for the decryption of that data. And from a criminal perspective, those attacks might be more successful during a time when healthcare institutions are so important. There is increased targeting on medical facilities, hospitals, testing centers, primary care physicians because they are so dire, so desperate to keep their operations up. If they shut down, there are lives at stake. Just as we must band together to defeat the COVID-19 pandemic, we must also be vigilant against the people and nations shamelessly trying to capitalize on these trying times. In terms of disinformation campaigns, it's important to think about who you're receiving information from, trusting official sources and not believing everything that's on social media about the pandemic. Instead, going to trusted news outlets. Always be on the lookout to communication that you don't normally get. Sort of the ways to check that you can double check who the sender is from, making sure they're exactly sort of who you're expecting. Just opening and looking at an email in your Gmail browser is it's gonna be very unlikely to infect you. But your risk increases a lot when you open an attachment or click on a link. So you can generally read an email and be okay but be very wary of attachments or links especially if they're unexpected. So while we all understand the temptation to click, out of fear or even greed, please do yourself a favor and just delete it.