Cyber scams and coronavirus
Cyber criminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the coronavirus outbreak, according to the UK official National Cyber Security Centre (NCSC). For example, bogus emails claim to have important updates, only once links are clicked on, lead to devices being infected.
Paul Chichester, Director of Operations at the NCSC, said: “Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails. In the event that someone does fall victim to a phishing attempt, they should look to report this to Action Fraud as soon as possible.”
The NCSC says that it has seen an increase in the registration of webpages relating to the virus. These attacks are versatile and can be conducted through various media, adapted to different sectors and monetised via multiple means, including ransomware, credential theft, bitcoin or fraud, according to the NCSC.
The NCSC points to its online guidance, on how to spot and deal with suspicious emails; and mitigate and defend against malware and ransomware.
Among examples, in February, the World Health Organisation (WHO) warned of fraudulent emails sent by criminals posing as the WHO. This followed a warning from the US Federal Trade Commission about scammers spreading phishing ‘clickbait’ via email and social media, as well as creating fraudulent websites to sell fake anti-viral equipment. Also impersonated is the US Center for Disease Control (CDC), whereby scammers have created domain names similar to the CDC’s web address to request passwords and bitcoin donations to fund a fake vaccine.
网络诈骗和冠状病毒
英国官方国家网络安全中心(NCSC)称,网络犯罪分子是投机主义者,他们习惯利用人们的恐惧来进行诈骗,而冠状病毒的爆发无疑给他们创造了机会。例如,伪造的电子邮件声称具有重要的更新,而我们在单击链接后会导致设备被感染。
NCSC运营总监PaulChichester表示:“我们向公众提供的建议是遵循我们的指导,其中包括从密码安全建议到发现可疑电子邮件的所有内容。万一有人确实成为网络钓鱼尝试的受害者,他们应该寻求尽快将其报告给“防止诈骗行动处”。
NCSC表示,与该病毒有关的网页注册有所增加。根据NCSC的说法,这些攻击用途广泛,可以通过各种媒体进行攻击,适用于不同部门,并且可以通过多种手段获利,包括勒索软件,凭证盗窃,比特币或欺诈。
NCSC向大众推荐其在线指南,内容涉及如何发现和处理可疑电子邮件。并减轻和防御恶意软件和勒索软件。
例如,2月世界卫生组织(WHO)发出警告,有犯罪分子冒充WHO并发送了欺诈性电子邮件。在此之前,美国联邦贸易委员会警告说,诈骗者通过电子邮件和社交媒体传播网络钓鱼“点击诱饵”,并建立了欺诈性网站来出售假冒的抗病毒设备。美国疾病控制中心(CDC)也被犯罪分子盯上,有诈骗者创建了与CDC网址相似的域名,他们向人们骗取密码和比特币来资助一个假的冠状病毒疫苗的研发。