Boom of cyber attacks that ride the fear of the epidemic. The latest threat runs via text message or chat. Here are all those reported by the experts
A message containing a promise, which is actually a trap, turns via SMS or other channels. And read: click here to find out if there are people infected with coronavirus near you. Words may change – at the moment the danger has been spotted by Kaspersky’s experts especially in Spain – but the substance is the same. With the click, the user is infected with the Ginp Trojan malware and pushed to a web page called Coronavirus Finder. Here he is asked to enter his credit card details to get the promised information at the cost of 75 cents only.
The malware on smartphone that steals credit card data
The payment does not take place, but the criminals steal the card data as well as the authorization password that should arrive via text message to the user. And so they can use this information to steal money from the victim. Ginp can also steal other passwords and personal data that it finds on your mobile phone. The cyber threat, reported in the past few hours by Kaspersky, is one of many that are trying in this period to ride the fears connected with the epidemic. This however is particularly sophisticated. It also uses text messages to send itself to other contacts in the address book of the smartphone it has infected. We may therefore receive a text message from a friend, who invites us to click on a link with that promise. After installing on the smartphone, it can make the payment window appear even within the Google Play Store, as a pop-up. At the moment it seems to affect only Android smartphones. IPhones would then be protected.
“Ginp is a Trojan that has rapidly evolved since its first appearance, constantly acquiring new skills. Furthermore, while in the past the victims of this attack were mainly residents of Spain, the name of the latter version suggests that the attackers are planning to target other countries too, “writes Kaspersky in a statement. “Cybercriminals have been trying to take advantage of the coronavirus crisis for months by launching phishing attacks and creating themed malware. This is the first time, however, that we see a banking Trojan attempting to capitalize on the pandemic. It is an alarming situation, especially because Ginp is a very effective Trojan. For this reason we encourage Android users to pay close attention and look skeptically at pop-ups, unknown web pages and coronavirus messages, “he said. Alexander Eremin, Kaspersky security expert.
The fake coronavirus sites that steal personal data
Cyber threats related to coronavirus multiply, in various forms, at this stage. Checkpoint experts report the birth of 16 thousand fake themed websites in the last 20 days. They seem to have updated information and maps. But to those who surf there – for example by following a link that arrives via email – the page tries to install malware, which steals personal information on the computer.
Email with scams and malware
In recent days Republic has reported two other threats, which come via email. The first – already appeared in January – is an email that promises, in the attachment, useful information on how to protect yourself from the virus; instead, it is a file that steals your personal data. The second attack is based on emails that appear to come from your bank. They contain a false information note aimed at protecting the customers of the credit institution. The emails sent by the cybercriminals attempt to induce the victim to click on the link in the text, with the excuse of reading an urgent communication relating to the health emergency for the Covid-19 coronavirus. In fact, by clicking on the link, users are redirected to a phishing site and invited to enter their credentials for home banking. In the last hours there seems to be a third type of attack: attached to emails that promise important information that a ransomware, which blocks the PC and asks for 45 euros to unlock it.
Tips to defend yourself
The experts’ advice against these threats is the classic one of IT security: download only the applications on the official stores; never click on suspicious links and never reveal sensitive information, such as passwords or credit card credentials. Be wary of emails that contain attachments in general, especially if not expected and of unknown senders. Do not open the relative attachments, do not click on the links (simply opening the page can lead to the installation of the malware), even those that arrive via message on smartphone. It can also be useful to install an antivirus on a smartphone. Don’t trust senders who seem institutional. The bank or the World Health Organization does not contact people by email with important information. If we read the sender’s address we can notice some anomaly, which for example has a different domain from the declared one. Finally, as regards the coronavirus specifically, trust only the instructions on the institutional sites, such as www.salute.gov.it/nuovocoronavirus.
The outbreak increases cyber attacks
“In this period of quarantine and smart working, the” online “part of people’s lives has increased dramatically: users who have not known how to shop online until the last month have landed in the digital world while those who were already accustomed to technology, now it makes it the main communication and work tool, “he comments Paolo dal Checco, well-known forensic computer expert in cyber security. “This has led to lower defenses and enormously increase the attack surface: new messaging, videoconferencing, localization apps come out every day, the security and reliability of which are often not able to evaluate”. “I am verifying – the expert continues – in recent weeks a sharp increase in attacks on companies and individuals through malicious software, phishing and the use of passwords found online. The aim of the attacks is to obtain money through credit cards and bank accounts. or access to services and devices to be used to perpetrate further crimes “. “Unfortunately it is not enough to have an antivirus or antimalware on board, although it is certainly a good practice, it is therefore important to pay personal attention to your habits and, in the company, to maintain an adequate level of security especially if you decide to give employees and collaborators the possibility to connect to the internal network remotely “.