In the final part of our three part series, which explored how malicious individuals are using the global COVID-19 pandemic as a distraction to further their criminal activities, we are focusing on how threat actors are spreading fake news and misinformation to further their nefarious gains.
Criminals are using a variety of campaigns to leverage the publics concerns over COVID-19 and their desire to stay informed on all the latest news and information. Social networking sites say they are fighting against the tirade of false stories, but the sheer volume of information which is being published and the speed in which it can be shared makes this a very difficult task.
Most users would say that they are unlikely to fall for anything which appears overly bogus. However, the reality is that millions of fake COVID-19 messages have been spread across the globe, so why does fake news spread so far and so quickly?
Many of the stories are being forwarded to people by someone they trust, such as a friend or colleague, so they are less likely to question it. For example, the widely shared COVID-19 message from Microsoft’s Bill Gates—which was shared on many national newspaper sites—was recently revealed to be a fake. In another slightly different example, a string of WhatsApp messages circulated warning people to stay indoors after 11.30pm because helicopters were going to spray disinfectant into the air to eradicate the virus.
Even more concerning is the volume of scam messages claiming to be from either government officials or law enforcement. These have included a text message from the Police that threatens to fine anyone £3,500 for leaving home too often, and a message from HMRC that asks customers for their bank details so they can issue a COVID-19 related tax refund. It’s important to note that while the government did send out a recent text explaining the new rules for the current lockdown guidelines, it has confirmed that any others claiming to be from the UK government are false. If you receive any type of message that asks for any personal credentials or account details, you should ignore and delete it immediately.
Cyber criminals never close up shop and in a major crisis such as the COVID-19 pandemic, they will be making the most of the distraction and ramping up their efforts. Please make sure your organisation continues to keep cyber security as a priority as well as including it in business continuity plans. In the meantime, ensure you continue to make cyber security a priority and if you would like to speak to our specialists to discuss your cyber security questions or requirements, please get in touch.
This article was originally published by our Cyber Partners PGI and can be found here. The article has been updated for the benefit of our clients.
© SES Secure Limited and ses-escrow.co.uk, 2020. Unauthorised use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to SES Secure Limited and ses-escrow.co.uk, with appropriate and specific direction to the original content.