Malicious COVID-19 domains and special virus-themed sales on the dark web are two ways criminals are using the outbreak to ramp up business, said security provider Check Point.
The coronavirus is causing pain, anxiety, and stress for people and countries around the world. But for cybercriminals, the spread of COVID-19 is an area ripe for exploitation and profitability. The objective is to target people looking for information about the virus and hit them with associated malware. Two ways that bad actors are taking advantage of the crisis is through coronavirus domain names and sales on the dark web, as described in a blog post published Thursday by Check Point Security.
SEE: Coronavirus and its impact on the enterprise (TechRepublic Premium download)
In its post “COVID-19 Impact: As Retailers Close their Doors, Hackers Open for Business,” Check Point noted a surge in domains using the name of coronavirus or COVID-19. Since the start of January when reports of the first outbreaks surfaced, more than 16,000 new coronavirus-related domains have been registered.
In the past week, more than 6,000 new domains appeared, an 85% jump from the previous week. Some 19% of the domains analyzed by Check Point were suspicious, while just under 1% were found to be malicious.
Beyond setting up domains, cybercriminals are busy on the dark web offering special coronavirus-themed sales and discounts on malware and exploit tools. Some of the offers are even using the terms “COVID19” and “coronavirus” as discount codes.
In one example, a promotion named “CoronaVirus Discount! 10% off ALL products” is offering such tools as a “WinDefender bypass” and a “Build to bypass email and chrome security.” In another, a group of hackers calling itself SSHacker is selling a tool to hack into Facebook accounts at 15% off with a COVID-19 code.
SEE: Healthcare devices at higher cybersecurity risk now due to COVID-19 (TechRepublic)
Even bogus online sellers are getting into the act by promoting fake online sales at incredible prices. One seller named True Mac is selling a MacBook Air for just $390 as a “corona special offer.”
As coronavirus-themed malware spreads, Check Point offers the following advice to better protect yourself and your organization from online scams:
- Be cautious with emails and files received from unknown senders, especially if they are offering special deals or discounts.
- Don’t open unknown attachments or click on links in the emails.
- Ensure you are ordering goods from an authentic source. One way to do this is NOT to click on promotional links in emails, and instead, Google your desired retailer and click the link from the Google results page.