Coronavirus: Fake News, Phishing Campaigns, Malware Attacks, and much more

The Cyber Blog IndiaCyber Security, Law

COVID-19, or Coronavirus, has brought the world community to a standstill. With any issue that creates panic among the general population, the threat of cyber crimes or cyber attacks becomes imminent. Needless to say, there are hundreds of examples showing how attackers are exploiting the situation and preying on people’s fears. With most of the employees working from home, the boundaries between personal and professional data have blurred. The average amount of time spent on the Internet has increased substantially after the lockdown has been enforced by many countries across the globe.

Some of the most prevalent cyber crimes, as identified over the course of last two months, include fake news/misinformation, phishing emails to steal sensitive data or deliver ransomware payloads, vishing calls, etc. Moreover, cyber criminals are even posting fake advertisements for goods or products that are not easily available such as alcohol. As soon as they collect a substantial amount of payments from the buyers aka victims, they delete their Facebook pages and switch off mobile numbers. On top of that, challenges like #sareechallenge and applications like “Which Ramayan character you are?” are only worsening the situation.

What do the statistics say?

UK’s National Cyber Security Centre has reported that coronavirus related frauds and scams have increased by 400% in the month of March and has suggested that this is linked to the sudden shift to working remotely. Instances of cybercrime appear to have jumped by as much as 300% since the beginning of the coronavirus pandemic, according to the FBI. The bureau’s Internet Crime Complain Center (IC3) recently said that it is receiving between 3,000 and 4,000 complaints every day, up from the average 1,000 complaints per day the centre saw before COVID-19 took hold. Thousands of potential phishing sites have been created which send out fake news about the pandemic situation and attempt to steal data from vulnerable users. CERT-In, and ReBIT, the technology arm of Reserve Bank of India, recently issued warnings about online threats and scams and asked financial institutions to be aware, especially with respect to choosing sources for the information about the COVID -19 virus. They have also warned banks to prepare for a possible increase in the number of cyber attacks.

Free Netflix Scam & Phishing LInk

Free Netflix Scam & Phishing Link

Free Groceries Scam & Phishing Link

Free Groceries Scam & Phishing Link

Mainstream Cyber Crimes during the COVID-19 Outbreak

1. Phishing Attacks

In the case of NASSCOM v. Ajay Sood & Others, 119 (2005) DLT 596, the Hon’ble High Court defined phishing as an illegal act wherein a  person pretends to be a legitimate organisation and then extracts user data. Section 66C of the Information Technology Act, 2000 is applicable.

For instance, a lot of scammers are sending emails that appear to originate from legitimate screening services such as Netflix, Amazon Prime, etc. and extracting personal information from individuals in lieu of offers and discounts amid COVID-19 lockdown. Previously, various deceptively similar UPI addresses were created for the PM CARES fund to dupe citizens under the impression that their donation will be going to the Prime Minister’s Fund.

Most Banks have also sent out warnings with respect to a new kind of phishing scam called EMI moratorium fraud. The fraudsters attempt to contact the victim to help postpone EMI payments during this tough situation of lockdown due to COVID-19. Most people during this time of utmost panic tend to get lured into such offers and end up sharing information like their card numbers, expiry date, and CVV with such fraudsters.

2. Malware Attacks

Malware is an umbrella term used for malicious software and it includes ransomware, virus, trojan horse, worm, spyware, adware, etc. Ransomware named “COVID-19 Tracker” has been doing rounds which asks for a ransom of $100 in Bitcoin within 48 hours. Otherwise, the ransomware will erase user data from the infected device and share personal information on social media platforms. Another malware called AZOrult was found to be hidden inside a downloadable Coronavirus tracking application. It is a trojan horse and aims to steal usernames, passwords, and other sensitive information.

3. Fake News/Misinformation

Put plainly, misinformation means bogus or fake news. Circulation of fake news on social media platforms and instant messaging (IM) platforms was a problem even before the pandemic had hit the world (Click here to read about the Great Indian University of WhatsApp). Misinformation is easy to spread but very difficult to control. For a layman, it is very hard to determine whether news being circulated on social media sites is legitimate or not. Messages like ‘WHO requires funds so please donate in the form of Bitcoins’ is not only fake news, but it is also a scam. It turns out that WHO does not even have a Bitcoin account. Malicious attackers have attached a fake link with this message which looks like an official WHO website, but it transfers the Bitcoin to the attacker’s account. Some instances are shown below that we are sure you might have come across them or similar messages:

Fake News Example 1

Fake News Example 1

Fake News Example 2

Fake News Example 2

Fake News Example 3

Fake News Example 3

4. Existing Vulnerabilities in Popular Applications

Due to the lockdown, Zoom app, which is used for video conferencing has become very popular. The number of daily users of this platform surged from 10 million in December 2019 to 200 million in March 2020.  Such burgeoning popularity has attracted malicious actors in no time. It has been found that Zoom contains several critical privacy and security flaws, and anyone with a Zoom meeting link can Zoombomb attendees and broadcast inappropriate content including pornography.

Is the Indian Government doing anything?

Some of the initiatives are listed here:

Conclusion and the Way Forward

A plethora of scams and phishing campaigns are being conducted these days in relation to COVID-19 to target the general public at large. As an end-user, it is important to be mindful of any potential attack. We are not only fighting a battle against a pandemic but also against an infodemic. Misinformation spreads faster and more rapidly than the virus. WHO explains that an infodemic is an excessive amount of information about a problem which makes it difficult to identify genuine and correct information. Individuals and organisations alike need to cooperate collectively to defend themselves against threats as they adapt the work from home mode for entire teams. In times like these, one must be extra cautious about the websites he or she visits. Emails from unknown sources should be avoided and malicious links should not be opened just because they are offering something for free.

Editor’s Note

Srushti: In my personal opinion, reasons for all the above-mentioned increments in cyber crimes are not limited to a sudden shift to a “work from home environment” or “panic or distress” among people during this pandemic. The reason extends to people being suddenly suffocated in their homes all by themselves making them indulge in absolutely anything online. Getting attention for a person to click a malicious link no longer requires flashy advertisements or lucrative offers, it just requires anything with the words COVID-19 or Coronavirus in it. Further, I recommend that precaution is always better than cure. Whether there is a pandemic/infodemic or not, following certain healthy security habits will definitely benefit you in the long run. Till then, stay safe and please do not click that link.

This article has been jointly written by Hardeep Singh and Prajakta Pradhan. They are currently in the first year of their B.A. LL.B. (Hons.) degree at Dr Ram Manohar Lohia National Law University (RMLNLU), Lucknow.

Edited by Srushti Iyer and Raj Pagariya