Covid-19 scams continue. Here’s how to avoid them

Welcome to Cyber Security Today. It’s Wednesday March 18th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.

Cyb er Security Today on Amazon AlexaCyber Security Today on Google PodcastsSubscribe to Cyber Security Today on Apple Podcasts

 Criminals continue to try to sucker people worried about the Covid-19 pandemic into making mistakes that infect their computer. According to security vendor Proofpoint, one of the latest is an email that pretends to be from the Public Health Agency of Canada. There are a couple of tip-offs this is a scam: First, the address it comes from doesn’t look real. It starts “publichealth@” but what comes after is nonsense. Any message coming from the Government of Canada ends in “Canada.ca.” Second the message is addressed to “Dear Parents and Guardians.” Third there’s a supposed attached letter you have to click on from the Medical Office of Health with information. Look, if any government wants to send people health information, it will be included in the email, not as an attachment. And finally, how does the Public Health department have your email?

As I’ve said before criminals always take advantage of a big event — like Christmas, the Super Bowl or health emergencies — to try and spread malware. So don’t click on COVID-19 related messages with attachments. Don’t forward them to family or friends.

In general, be wary of websites that start “Coronavirus” or “Covid.” They could be phony. A security firm called Domain Tools this week reported on one called “coronavirusapp.site.” It supposedly has an app that tracks virus outbreaks. But download it and you get infected with ransomware.

Legitimate information comes from government, university, hospital and news sites with names you know. And that’s how the name of the website starts. Like the real Canada Public Health Agency website, which is health.canada.ca. On that site there’s a lot of information under Covid-19.

UPDATE: Security reporter Brian Krebs says criminals have set up a company allegedly based in Quebec and Nebraska to recruit people to help launder money in COVID-19 scams. Called Vasty Health Care Foundation, it’s recruiting people to unwittingly act as “mules” in washing money. Krebs says the content on Vasty’s site was lifted almost entirely from globalgiving.org, a legitimate charity that actually is trying to help people affected by the pandemic. Vasty is recruiting through email pitches. Those who fall for the scam are asked to open a Bitcoin account to process so-called donations. However, these funds are really stolen money from hacked bank accounts.

The number of scams is so serious that Facebook, Google, Microsoft, Twitter, LinkedIn, Reddit and YouTube sent out a statement on Monday saying they are working closely together to combat fraud and misinformation about the virus on their platforms. However, usually they aren’t fast enough so you still need to be careful.

By the way watching out for email, text and social media scams is especially important for people now working from home and using their own computers to connect to work applications and data. A mistake could infect your employer’s system. A security awareness company called KnowBe4 reminds those newcomers working from home to keep their computers updated with the latest software patches, and if you don’t have one now get a password manager to protect and keep track of passwords. IBM reminds new home workers to use multi-factor authentication to beef up login security on as many apps as possible. And because your computer is now the way you connect to the office don’t download corporate files without proper authorization.

Here’s another tip: Think carefully about letting family and friends use a computer that’s also now used for work.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.