Date: 2020-04-03

Gangs of cyber criminals are targeting healthcare workers with ‘phishing emails’ pretending to offer advice and raise awareness of the deadly coronavirus pandemic.

The scam involves cyber criminals sending emails to staff working for healthcare companies claiming to be from the IT department, with a link to a website that looks like Microsoft Outlook.

Emails claim to be for an ‘all staff seminar’ where everyone can discuss the impact of coronavirus – but employees have to click the link to register.

Filling in the form the link leads to does nothing on the user’s end but sends their email details, and often passwords for company networks, to the hackers.

Kiri Addison, head of data science at security firm Mimecast, said the fraud was part of a ‘steady stream’ of phishing emails sent since the coronavirus outbreak.

‘There’s so much uncertainty around coronavirus, they’re just going to prey on people’s fears,’ she told Sky News.

Earlier this week the US Secret Service issued a warning about the rise in scams linked to the deadly pandemic.

They said the virus was a prime ‘opportunity for groups with malicious intentions’.

Jake Moore, cyber security specialist at anti-virus company ESET, says the spread of fear, especially around a pandemic, is a dangerous tool in the hands of criminals.

‘People are falling for these scams in the notion of panic mode,’ he told Mail Online.

‘Cyber criminals are relying more on social engineering, the practice of deceiving or manipulating someone, and right now this tactic is proving very popular and people feel they have limited time to research the background and validation of sites.

‘My advice would always be to try and validate any information before acting and never click on links in unsolicited emails and never hand over passwords on sites that are not 100 per cent trusted.

‘Panic is a psychological feeling used widely especially when there is a pandemic’.

This scam isn’t the first discovered by Mimecast. Earlier in the week they spotted one purporting to come from HMRC offering victims of the virus a tax refund.

The Secret Service said in a statement that fear can cause normally scrupulous individuals to let their guard down and fall victim to scams.

These include social engineering, phishing, non-delivery scams, and auction fraud.

‘As the impact of the virus spreads this activity is almost certain to increase in order to take advantage of individuals’ fears and their increasing concern at this time,’ Carl Wearn, head of e-crime at Mimecast, told Sky News.

Phishing scams have become a common and unavoidable part of email communication and ecommerce, the agency said.

‘Cyber criminals are exploiting the Coronavirus through the wide distribution of mass emails posing as legitimate medical and or health organizations.

‘In one particular instance, victims have received an email purporting to be from a medical/health organization that included attachments supposedly containing pertinent information regarding the Coronavirus.

‘This led to either unsuspecting victims opening the attachment causing malware to infect their system, or prompting the victim to enter their email login credentials to access the information resulting in harvested login credentials.’

A report by Mimecast and HIMSS Media found that 90 per cent of US healthcare organisations had experienced an email-based threat in the past year.

One in four of those said that threat led to significant disruption to services.

Since January more than 4,000 coronavirus-related domains have been registered and some 300 are deemed ‘malicious’, according to research firm Check Point.

They found that domains about the virus are 50 per cent more likely to be owned by cybercriminals than other domains registered during the same time period.

Omer Dembinsky, security researcher at Check Point, said fraudulent sites were offering information or test kits in order to gather people’s information or receive payment.

The criminals are getting smarter as well: a study by security company ImmuniWeb found that they were providing real, live information on the pandemic in a bid to spread malware that infects people’s computers.

Ilia Kolochenko from ImmuniWeb said coronavirus was a ‘formidable, unprecedented opportunity to trick panicking people amid global havoc and mayhem’.

‘The more emotions and personal matters the attackers leverage, the more successful their campaigns will likely be,’ Kolochenko said.

‘The human factor remains the most burdensome to mitigate by technical means among the wide spectrum of organizational cyber risks, and the COVID-19 connection makes victims particularly susceptible to thoughtless actions.’

The organisation urged companies and other groups to consider implementing a central process to communicate information on the pandemic.

‘Corporate cybersecurity and security awareness should constitute an invaluable part of such communications, as cybercriminals are profiteering from obscurity and uncertainty,’ Kolochenko said.

Eric Howes from cyber security lab KnowBe4 says criminals are using logos from the likes of Unicef and GlobalGiving asking for donations linked to coronavirus.

‘For bad actors across the internet, the coronavirus is the gift that keeps on giving,’ he said in a blog post.

‘It is providing endless opportunities to separate anxious and concerned employees from their logins and their money, all while persuading them to open the door to organization’s mission critical networks.’