Don’t Fall Prey to Cybercriminals Exploiting COVID-19 Pandemic

COMMENTARY Cybersecurity

Don’t Fall Prey to Cybercriminals Exploiting COVID-19 Pandemic

Apr 2nd, 2020 2 min read
COMMENTARY BY
James Di Pane

Research Associate, Center for National Defense

James is a research associate in Heritage's Center for National Defense.
The FBI has warned of a spike in cybercrime, as hackers have increased their activity and are using people’s need for information against them.  boonchai wedmakawand/Getty Images

Key Takeaways

Since the COVID-19 pandemic has spread throughout the United States, so have cybercrime attacks.

Email is by far the primary line of attack for hackers. An estimated 9 out of 10 hacks begin from a compromised email.

Cybercriminals are using a global pandemic to attack people online. We should all be wary of these scams and take precautions to protect ourselves from them.

As though things weren’t bad enough, now we learn that hackers are using the COVID-19 coronavirus crisis to attack individuals and organizations. 

The FBI has warned of a spike in cybercrime, as hackers have increased their activity and are using people’s need for information against them. 

COVID-19 has a lot of people worried and unsure about the future. They are desperate for updated information and eager to see updates that might tell them more about the pandemic and restrictions. 

A lot of people also are working remotely and spending more time on computers in general. Hackers are exploiting all of this to commit cybercrimes. 

A hacker is basically an unauthorized person gaining access to a system or data. Malware is used to give the hacker access to the computer so the hacker can either steal stuff or lock the computer down in an attack typically referred to as ransomware. 

All hacks begin with an initial compromise of the system. That’s where an innocent-looking email comes into play.

Email is by far the primary line of attack for hackers. An estimated 9 out of 10 hacks begin from a compromised email.

Whether it’s a link to a spam website or a corrupted attachment, hackers will use email as the method and COVID-19 as the “clickbait” to get people to compromise their information. 

Basically, a hacker sends an email to an individual with malware that looks like legitimate information on COVID-19. The email could have something enticing like “New treatment for COVID-19 looks promising” or “Here’s how to protect your family from the coronavirus.”   

Once the unsuspecting recipient clicks a link or enters his or her data, the malware has an opening into the computer or network and immediately begins compromising it. 

Since the COVID-19 pandemic has spread throughout the United States, so have cybercrime attacks. 

These attacks seem to be focused on states with large COVID-19 outbreaks, but everyone is vulnerable to them, regardless of where they live. California, New York, and Washington state are being targeted more heavily than the other states. 

Almost all of these attacks are coming from outside of the United States. Foreign powers like China, Russia, Iran, and North Korea all use malicious cyberactivity as part of their competition with the U.S. 

On March 6, the Department of Homeland Security put out an alert warning people of potential scams that appear to be offering insights about the virus. 

The alert also offered some good suggestions for how people can help avoid scams and protect themselves online. Those tactics are good during times of crisis and increased attacks, and are also good to practice in general. 

You should always be suspicious of unsolicited emails and wary of any links or attachments contained in them. 

You should not reveal personal or financial information in an email, and be wary of any emails asking you to do so. Verify charities are legitimate before sending money to them. 

You should rely primarily on trusted sources, such as government websites for updates and information. For example, the Centers for Disease Control and Prevention has a site that covers the coronavirus that people can go to for up-to-date information. 

Cybercriminals are using a global pandemic to attack people online. We should all be wary of these scams and take precautions to protect ourselves from them.

This piece originally appeared in The Daily Signal