Complex Made Simple

Palo Alto Networks discovers new COVID-19 themed consumer scam campaigns

Unit 42 researchers found an immense increase in Coronavirus-related Google searches and URLs viewed since the beginning of February. Cybercriminals are looking to profit from such trending topics, disregarding ethical concerns, and in this particular case preying on the misfortunes of billions

From January 1 to March 31, Unit 42 identified 116,357 coronavirus-related newly registered domain names 656% increase in the average daily number of malicious COVID-19 themed domains from February to March webshops advertise deals that are too good to be true in the current Coronavirus pandemic

Unit 42 (the Palo Alto Networks threat intelligence team) released research on new COVID-19 consumer scam campaigns. The findings shed light on how cybercriminals are preying on victims during the COVID-19 pandemic.

From January 1 to March 31, Unit 42 identified 116,357 coronavirus-related newly registered domain names (roughly 1,300 domains per day). Out of these, 2,022 are malicious and 40,261 are “high-risk”. Of note, Unit 42 found a 656% increase in the average daily number of malicious COVID-19 themed domains from February to March.

Exclusive: The impact of COVID-19 on the tech sector – Dimension Data Q & A

Unit 42 also observed several campaigns:

  • Phishing attacks: Emails with a link to a fake Bank of America website to fool users into giving away their login credentials. Other attacks included fake Apple, PayPal and Outlook websites.

  • Fake webshops: Scam websites that offered high-demand items like face masks or hand sanitizers for a discounted price. For example, often these webshops advertise deals that are too good to be true in the current Coronavirus pandemic

Exclusive: The impact of COVID-19 on the tech sector – Riverbed Q & A

  • Credit card skimmers: Scripts on other malicious stores that sell pandemic-relevant goods to steal credit card information.

  • Fake ebooks: Domains set up to prey into consumer fear and coerce them into buying COVID-19 ebooks by playing a video about the scariest situations and events related to the pandemic. 

Exclusive: The impact of COVID-19 on the tech sector – Admitad Q & A

  • Illicit pharmacies: Unlicensed and leverage compromised websites that use domain names suggesting they sell remedies for COVID-19 when they actually advertise Viagra and other drugs unrelated t