In the times of Covid-19 where financial and emotional vulnerability is rising, the financial fraudsters are in better position to engulf huge amounts of money. Several cases of people posing as legitimate institutions to lure individuals into providing sensitive data, have been reported all over the world.
This pandemic has left an indelible impact on everyone. The growing scare is giving rise to desperation for easy cures and treatments, economic helping for drowning businesses, emotional support to the unemployed, giving opportunities to predators to hunt new preys each day.
The biggest disadvantage of the internet world is lack of physical contact. Posing as someone else is an easy task. Phishing is one such crime through which sensitive data leaks to the criminals and frauds of huge amount of money become successful. The crime covers instances wherein the target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. In the times of Covid-19 where financial and emotional vulnerability is rising, the financial fraudsters are engulfing huge amounts of money. Here are a few cases which took place during this pandemic of covid-19.
The crime covers instances wherein the target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
German state of North Rhine-Westphalia witnessed a huge cyber fraud. A fraud website posing as an aid fund to help citizens and businesses impacted by the corona virus outbreak obtained about . €31 to €100 million within three weeks. Fake website which were look alike of Ministry of Economic Affair’s official website was created. Links through email campaigns were sent and applications for funding were called. The users relying on the website, shared their sensitive personal data for these fraudulent transactions. The scam was successful as the website did not ask for any scanned copies of IDs for verification. The government did not have a secured citizen verification procedure which gave the opportunity to the fraudsters to steal millions of euros.
In another case, the fraud websites of Gov.uk and the US Centers for Disease Control and Prevention (CDC) were used to spread phishing emails. The fraudsters impersonating as the CDC sent a phishing email to a South Korean electronic manufacturing company with the subject line “Coronavirus outbreak and safety measures in your city (Urgent).” An alert was issued by the United States Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) about the same. The alert provided an overview of COVID-19-related malicious cyber activity and gave practical advice to reduce the risk.
Recently, Haryana police informed everyone to beware of phishing emails received from unknown sources promising free Covid-19 treatment or reimbursement. They suspected the cyber attackers to send phishing emails via spoofed addresses like firstname.lastname@example.org or similar to the email id of authentic authorities responsible for dispensing government funded Covid-19 support initiatives. Their modus operandi was to ask for registering for testing by clicking on a malicious link and then stealing the data.
Recently, Haryana police informed everyone to beware of phishing emails received from unknown sources promising free Covid-19 treatment or reimbursement.
The users can detect phishing sites by identifying the cloned site through similar logo or the name of the site with a slight difference. One should always be prudent while sharing personal details online. Always check in newspapers or government’s official website for contributing to relief funds. Do not rely on random emails you receive.