Nothing is as it seems, but it all starts with just an innocent click.
As the coronavirus spreads across the world, hackers use fear and confusion to spread computer viruses in increasingly sophisticated ways.
The BBC has been tracking some of the email phishing scams reported by cybersecurity organizations since the outbreak of the new coronavirus hit the front pages.
Hundreds of different criminal campaigns have been detected that have sent millions of fake emails.
Phishing campaigns seize on current events
Information security experts say the increase in attacks related to Covid-19, the disease caused by the new coronavirus, is the worst seen in years.
Cybercriminals are using English, French, Italian, Japanese, and Turkish to target potential victims, both individuals and industries including transportation, healthcare, insurers, hotels, restaurants, and manufacturing.
It's impossible to say what the true scale of the email epidemic is, but here are some of the most compelling ones and how to spot them.
«Click here for the coronavirus cure»
Proofpoint researchers first noticed a strange email reaching their customers in February.
It is a message from a mysterious doctor who claims to have a document with details about a coronavirus vaccine that is being covered up by the governments of China and the United Kingdom.
Proofpoint says that curious recipients who click on the document are taken to what appears to be a normal and trustworthy Docusign page, but it's actually a website created by the criminals to capture the victims' login details.
Once they get the username and password, they seize your documents, in addition to getting access to any other site that uses the same email and password. Proofpoint says the emails are sent in batches of 200,000 at a time.
Sherrod DeGrippo, from the company's threat detection and investigation team, said:
"We have seen more than 35 consecutive days of malicious email campaigns about coronaviruses, and many use fear to convince victims to click."
"It started with one campaign a day and now it's three to four a day. With this increase in volume, it is obvious that these campaigns are generating dividends for cybercriminals."
The best way to see where a link will take you is to hover over it, which reveals the true URL. If it looks suspicious, don't click.
«This advice could save you»
Hackers have been posing as the World Health Organization (WHO) since the early days of the outbreak, a particularly reprehensible strategy.
They say that victims who download the attached file receive no useful advice and instead their computers are infected with malware called AgentTesla Keylogger.
Proofpoint says that once installed, this malware logs all keystrokes and sends them to the attackers, a tactic that can give them access to online bank and financial accounts.
To avoid this scam, ignore emails that claim to be from the WHO, as they are likely to be fake, and instead visit the institution's official website or social media channels for its latest advice.
"Now the virus is in the air"
This phishing campaign is not only striking, it also induces fear.
The subject line reads «Covid-19: now in the air, increased community transmission», and the email is designed to look like it comes from the Centers for Disease Control and Prevention (CDC), the US agency in charge of public health, with a false address that is very convincing.
Cofense, which first detected the scam, describes it as an example of hackers «weaponizing fear and panic».
The link directs victims to a bogus Microsoft login page where they are encouraged to enter an email and password. Once they do, they are redirected to the CDC's actual advice page, making it seem even more legitimate.
Of course, by the time you get there the fraudsters already have what they need from your email account to loot it whenever they want.
Cofense researchers said: «Despite the odd capital letters of some words in the email, it's a pretty good fake that, when combined with the high-stress situation it presents, can cause most users to overlook those details and click on the link immediately».
«Help us fight the virus, make your donation here»
It is being impersonated in dozens of different phishing campaigns.
This one takes an almost comical approach and was reported to malware experts at Kaspersky. It's a bogus CDC email asking for donations to help develop a vaccine, but asking for payment in the bitcoin cryptocurrency.
The premise is ridiculous, but the address looks very convincing, as does the email design. The scammers even created a fake CDC website for the scam.
Kaspersky also says that its antivirus software has detected malicious files called "coronaviruses" almost 3,000 times.
David Emm, principal security researcher, says that "The numbers have increased significantly."
"However, what we are seeing is still quite small and we expect the numbers to grow as the virus continues to spread."