The Australian Competition and Consumer Commission (ACCC) reported that their Scamwatch service has tracked nearly 100 coronavirus related scams since the start of the year, and that they only expect numbers to rise.
“Scammers are impersonating official organisations such as the World Health Organization and the Department of Health or legitimate businesses such as travel agents and telecommunications companies,” ACCC Deputy Chair Delia Rickard warned in a statement released Friday.
In one scam found by Australia’s Cyber Security Centre (ACSC) cybercriminals impersonating the government are circulating a link over text, purporting to contain information about coronavirus testing in your region. The link, however, contains malware.
The increase in remote work also leaves companies and organizations with unsecured systems particularly vulnerable to infiltration, the ACSC warned in a statement released last week.
Europol commented on the threat on Friday, saying that “the coronavirus outbreak has spurred widespread anxiety and forced many people to work from home. Malign actors are actively exploiting these new challenging circumstances to target remote workers, businesses and individuals alike.”
Without the face to face contact of an office environment, the digital networks which keep employees connected are all the more valuable to employers but also to cybercriminals who engage in ransomware attacks.
In the United States, the Champaign-Urbana Public Health District’s website, which serves more than 200,000 people, was crippled earlier this month by ransomware, the News-Gazette, a local outlet, reported.
A program called Netwalker was used to lock them out of their own files, so that they could be offered an encryption key at a steep price. They immediately contacted the FBI.
The US Department of Health and Human services was also targeted in a cyberattack last week Bloomberg reported.
“Malicious cyber actors could take advantage of public concern surrounding COVID-19 by conducting phishing attacks and disinformation campaigns,” warns the United State’s Cybersecurity and Infrastructure Security Agency (CISA) in a set of guidelines released on Wednesday.