The vast majority of people are decent human beings. However, cybercriminals are not. You’d think that during the worldwide COVID-19 pandemic, which is killing large numbers of people and making others critically ill, and where folks can’t get hold of basic goods because people are frightened to the point of panic buying, even cybercriminals would put the brakes on. But no.
This week's 'Breaking Scam', yet again, shows that cybercriminals will take advantage of anything they can get their grubby hands on. I had several phishing emails this week, all taking advantage of people's worries about the current Coronavirus pandemic. All were focused on aspects of panic buying of toilet rolls, face masks, and getting food deliveries.
Scam Email 1: The Toilet Roll Scam
Panic buying due to coronavirus fears has resulted in empty supermarket shelves. For some unknown reason, toilet roll has been hit badly. A toilet roll is probably worth the same amount as a gold bar at this point. Cybercriminals know that this scarce commodity will be of interest to many of us.
The toilet roll-related phishing scam had an image of a pack of Andrex toilet tissue. The offer was to click on a link to receive free test samples. Let’s face it: if you are running out of loo roll in a climate of fear, uncertainty, and doubt, you may be tempted to click. This is exactly what the fraudsters are hoping will happen, so they use fear to make that click happen.
Scam Email 2: Food Delivery Scam
Food deliveries have been all but stopped by the big supermarkets in the UK. You can get them if you fall into certain groups, but most of us have to find ways to turn up to the shops. The food delivery scam email offers you a chance to win a £50 gift card for home delivery of food. To enter the competition, of course, you have to click the link.
Scam Email 3: 50% Off Face Masks Scam
If you have to venture out in public, you may want to take precautions, and many choose to wear a face mask. This scam email offers ‘SafeMask’ which “keeps you and your loved ones safe…even during the yearly outbreaks of dangerous viruses”. To receive a 50% discount on SafeMask you must click a link.
The Tricks of the Scammer
All three of the scam emails used the tricks of fear and concern about missing out. Certain phishing emails we have reviewed in the past use this same technique of fear to encourage a link click. For example, the “TV License scam” made an attempt to worry the recipient enough about losing their TV to click a malicious link. However, this time, the level of worry caused by the Coronavirus pandemic is massive and this may well result in increased clicks on a malicious link.
What Happens if You Click the Links?
We analysed the sites that the links went to. All were a security risk. Some were more critical than others; for example, the toilet roll scam was at a critical risk level. The types of risk that clicking on the links brings are:
- Adware: programs that make ads pop up when you use a browser. At worst they are annoying, but they can be used as doorways to allow more malicious malware to be installed.
- Malware that steals data such as login credentials.
- Phishing attempts: the link goes to a page asking for your personal details to send out your toilet roll samples or your shopping voucher. If you enter those details, they will be sent to the fraudster behind the scam, who will use them for fraudulent purposes.
In the case of the three COVID-19 related scams, the likelihood is all three malicious sites were set up to collect personal details for use in fraud.
Why not help your colleagues stay safe and send them this little reminder? Feel free to edit and copy/paste the advice below:
UK Toilet Roll Scam
A number of emails on the theme of COVID-19 related issues, such as free toilet roll or home delivery vouchers, are doing the rounds. These emails are scams. You MUST NOT click on any links in the email; delete it immediately.
ALWAYS AVOID CLICKING LINKS IN EMAILS.
For more information on what to do if you receive a phishing email, check out "What to Do if You Click on a Phishing Link?"
Don't forget to share this with your colleagues and friends and help them stay safe.
Let’s keep breaking scams