Coronavirus: Cybercriminals profit off COVID-19 fears; here are ways to secure your information and connection

SAN JOSE, Calif. (KGO) -- While many across the U.S. and Bay Area are sheltering-in-place, cybercriminals are striking. Cybersecurity experts say online scammers are on the offensive, targeting vulnerable Internet users.

The COVID-19 pandemic has changed the way we work, as many are now forced to work from home.

LIVE UPDATES: Tracking all the latest developments in the novel coronavirus outbreak

The arrangement brings with it a new set of cybersecurity challenges.

So ABC7 News turned to experts to learn who is most at risk

"To be honest with you, everybody," San Jose State University (SJSU) Cybersecurity expert, Professor Ahmed Banafa told ABC7 News. "It's just that level and degree of how hard the bad actors or the hacker's going to try.

However, Professor Banafa assures there are ways to keep your information safe, and your connection secure while sheltering-in-place.

Those who are forced to work from home shared their set up.

"For me, it's mostly just been connecting my computer to my home desk, so I can have another monitor," Talanda Williams told ABC7 News.

Williams works in tech, and is working from home for the foreseeable future.

The tech industry has forced Williams to be much more diligent when connecting to networks that are outside of her workplace or her home. She understands the threat.

"I know it's a little bit more if you're working from a hot spot area like a Starbucks or something," Williams explained. "But with everybody home on their own networks- as long as you're not borrowing from your neighbor- I think it's pretty good."

CORONAVIRUS: Everything you need to know about San Francisco Bay Area's shelter-in-place order

"New experiences, in general, can always be a bit concerning," she said about the current pandemic. "So, I can see how maybe you're coming up with thoughts that you hadn't considered before- in terms of security, or companies that are all sending out these different announcements."

Other companies rely on a Virtual Private Network (VPN), which is essentially a secure pipeline between an employee and work.
Professor Banafa emphasized Internet users will want to steer clear of public unsecured WiFi connections.

He said properly configuring your firewall, sticking to company equipment, and only visiting trusted sites are key.

"When we talk about cybersecurity, we are talking about a race between the good guys and the bad guys," he said.

Another thing to consider, according to Banafa, "If you're an important person at a company, of course they're going to see this as an opportunity for them to say, 'He or she is sitting at home, let's see if we can get that information.'"

He adds, this practice is known in the cybersecurity world as "Spear Phishing."

"Which is specifically for a certain group or certain person," Banafa said.

"In the world of cybersecurity, the criminals or the hackers, they capitalize on two things," he said. "Extremes of the human nature, which is greed or fear."

With so many impacted and panicked by the COVID-19 pandemic, this is an opportune time for criminals.

Since the end of February, Banafa said researchers have found domain names related to COVID-19 have greatly increased.

Research shows the average number of new domains is almost 10 times more than the average number found in previous weeks.

So far, data shows 0.8-percent of the domains were found to be malicious- that equaled 93 websites.
Additionally, 2,200 websites were found to be suspicious- that's 19-percent.

"For example, the famous website for Johns Hopkins University- where everybody is using it to track the cases- there are so many copies of that website," Banafa said. "And they are malicious."

Pandemic or not, Banafa explained tech has always been under attack.

He shared this running list of issues Internet users should be aware of:

  • Researchers from security firm IssueMakersLab uncovered a malware campaign launched by North Korean hackers that used booby-trapped documents detailing South Korea's response to the COVID-19 epidemic as a lure to drop BabyShark malware. Recorded Future observed, "at least three cases where reference to COVID-19 has been leveraged by possible nation-state actors."
  • A fraudulent version of the Johns Hopkins Coronavirus Map in the form of a malicious executable.
  • A fake real-time coronavirus tracking Android app, called "COVID19 Tracker," was found to abuse user permissions to change the phone's lock screen password and install CovidLock ransomware in return for a $100 bitcoin ransom.
  • Another phishing attack, uncovered by Abnormal Security, targeted students and university staff with bogus emails in a bid to steal their Office 365 credentials by redirecting unsuspecting victims to a fake Office 365 login page.
  • Comment spamming attacks on websites that contained links to a seemingly innocuous coronavirus information website but redirected users to dubious drug-selling businesses.
  • Aside from malware-laden spam emails, F-Secure researchers have observed a new spam campaign that aims to capitalize on the widespread mask shortage to trick recipients into paying for masks, only to send them nothing.


To avoid issues, Banafa shared the following advice:

  • Use VPN if you can. Many businesses are using them like a secure pipe between you and your work
  • Ask your IT about using your personal devices for work (BYOD) if they are safe
  • Have enough Bandwidth
  • Stay away from public unsecure wi-fi
  • Question email with free and unsolicited information
  • Do not click on a link in an email, go to the website directly
  • HTTP is bad HTTPS is good, S means "secure."


He stressed, "We have to be careful about many, many things when we are now completely virtual."

Cybercriminals are also targeting phone apps. Banafa encourages users to be wary of any app promising real-time tracking of COVID-19.

In some cases, the app locks users out of their phones and demand a ransom for release.

You can watch the entire one-on-one interview with Prof. Banafa below.

EMBED More News Videos

San Jose State University (SJSU) Cybersecurity expert, Professor Ahmed Banafa, sits down with ABC7 News to explain how cybercriminals are striking during the coronavirus pandemic.



Go here for the latest news, information and videos about the coronavirus.

RELATED STORIES & VIDEOS:
Copyright © 2020 KGO-TV. All Rights Reserved.