Covid-19: vigilance against cyber-attacks
On March 22, 2020, a US court issued a prohibition order against the site <coronavirusmedicalkit.com>, which offered a fake vaccine against the coronavirus, presented as emanating from the World Health Organization. At the ministry’s request, Justice Robert Pitman issued a prohibition order requiring immediate action to block public access to this fraudulent site. Remember that to date, there is no vaccine against Covid-19 (justice.gov, 2020-03-22). There are countless examples like <coronavirusmedicalkit.com>. There are thousands and even hundreds of thousands of domain names containing the terms “COVID” or “coronavirus”. A few days before, the Attorney General of the State of New York had sent a letter to Craigslist (ag.ny.gov, 2020-03-20) and the domain name registrars (ag .ny.gov, 2020-03-20), imploring them to remove the advertisements and the domain names used to convey false information or to sell alleged cures against the disease. To face it, the community of technical intermediaries is mobilizing and going to the front line. Registrars around the world prevent, detect and/or delete domain names with the terms “coronavirus” or “COVID”. This reaction is essential. However, it must be carried out, taking into account the generic nature of the word “corona” in certain languages, which requires recourse to human intelligence.
The sale of fake vaccines is not the only way imagined by fraudsters to take advantage of the health crisis. Given the media coverage on COVID-19, fraudsters are increasing the number of scam attempts by using various techniques, including:
- Phishing, which involves sending emails similar to that of a business (e.g., a pharmaceutical company, a bank, an insurance company) or an organization (e.g., the World Health Organization ), in order to get the recipient to download attachments that are, in fact, malwares;
- Malicious applications (including ransomwares that blocks the device in exchange for paying a ransom);
- The publication of maps related to the pandemic, but which, in reality, insert ransomwares on devices
- The scam inviting to make a donation to an organization supporting research, the medical profession, etc.
- Fake online medical consultations.
Each time, the fraudsters use terms such as “COVID-19”, “coronavirus”, “vaccine”, “treatment”, “remedy”, etc.
Also, the victims of cyberattacks are increasing: the World Health Organization, the United States Department of Health, hospitals in Paris, and many others.
Experts call for the greatest vigilance.