Coronavirus: Using the Internet Allows Us to Take Care of Ourselves

According to information provided by Recorded Future, in the first trimester of 2020, registration of domain names related to the coronavirus grew from very few to close to 800.

For this reason, LACNIC CSIRT has tried to update the Internet community with the latest information about certain types of fraud so that everyone can be on the lookout and prevent cyberfraud.

In this context, there has been an increase in cybercrime targeting users who wish to access maps with information on the coronavirus pandemic, coronavirus symptoms, and other coronavirus related topics. Many of these attacks direct users to malicious websites that not only try to steal confidential user information but also provide fake diagnoses.

Attackers have also targeted online shopping sites. Fake websites have been created offering protective products that are currently in high demand, such as face masks and hand sanitizer. Attackers are also taking advantage of this type of websites to request Bitcoin donations under the pretense of funding research to find a vaccine against the virus.

The most common form of attack is via email – most of these fraud attempts use an email attachment or a link to a malicious site.

According to Vade Secure, many documents created with the Microsoft suite have been detected that exploit previously known vulnerabilities. These documents appear to originate in reliable sources and contain information regarding the evolution of the virus, protection tips and other topics. 

Several industries have been affected by these campaigns, including the pharmaceutical sector, the cosmetics sector, the financial sector, transportation and others.

Some people don’t regard credential theft as a serious crime. However, when one considers that this information allows attackers to gain access to other systems, we realize that it is indeed very serious, as attackers know that many people use the same username and password for different purposes.

Recommendations. Given the increase in fraud, LACNIC CSIRT has prepared the following recommendations:

• Avoid opening links to unknown websites or clicking on links suggested by unknown persons or pop-up windows.
• Take a look at the URL you wish to visit. If it seems suspicious or you are unfamiliar with the website, try typing it yourself in your browser.
• Don’t open links (URLs) that offer seemingly wonderful products that will keep you from becoming infected or that offer immunity.
• Stay alert to messages asking you to urgently provide personal information. No institution will ask us to enter our personal information this way.
• Change the settings of the online platforms you use so that participants cannot share their screens.
• Always check the source and never provide personal data or documents.
• Keep your systems up-to-date and your backups current.
• Look up official websites.
• Regularly change your passwords and avoid using the same password for different websites.
• If affected, report the problem as soon as possible to the institution involved. Otherwise, a list of regional CSIRTs is available here.

* Head of LACNIC CSIRT