Why pandemics pose as an opportune time for phishers to engage in illicit activities

For as long as technology has existed, cybercrime has been the likely nemesis. The internet, with all of its possibilities, was never part of a large-scale evolution plan; it just happened. And when it did, lawmakers, governments and everyday users were suddenly confronted with challenges they had never previously imagined.

In pandemics, these challenges are exacerbated, simply because fear breeds irrationality. Cybercriminals rely on basic psychological principles to lure their victims. When people are anxious, they seek out new sources of information to follow a developing story. Cybercriminals rely on the understanding that people are more likely to let their guard down and feel enticed by a phishing email or link that is seemingly relevant to the story as it unfolds. Since COVID-19 was declared a global health issue earlier this year, cybercriminals have been exploiting people’s fear to wage their campaigns, and by the end of the first quarter, tens of thousands of coronavirus-related spam attacks were already observed across the world.

The motives? Primarily financial, but that is not to rule out other consequences, including online impersonification and identity theft.

Social Engineering to Manipulate Users

Phishing uses social engineering tactics to reach a wider spectrum of victims. To maximise the effectiveness of their attacks, phishers often aim to trigger the fast decision-making processes of our brains by sending links to lucrative offers, prizes or opportunities, through emails or social media. In the links, users are encouraged to sign up by entering private information or to unknowingly download malicious code such as malware, viruses and ransomware into their machines.

As a more widely adopted cyberattack technique, phishing utilises a common tactic such as domain squatting, where attackers register websites and emails that resemble popular domains to appear more legitimate to users under attack.

Flashy email subject lines, such as ‘Order approved COVID-19 test – limited quantities’ or ‘President Trump tests positive for the novel coronavirus’, act as automatic triggers, arousing our curiosity and demanding our immediate action. For cybercriminals, a click of a button presents a window of opportunity.

Another rising important attack vector is teleconferencing platforms. With the spike in using video-conferencing tools such as Zoom due to the pandemic, there has been an incoming tide of fake domains related to such platforms, which suggests that cybercriminals are planning attacks on platform users. We have also recently observed that hundreds of newly registered domains contain the words ‘COVID19’ or ‘coronavirus’ and appear to have been registered for malicious purposes.

In Qatar, stakeholders have also observed coronavirus-related targeted attacks, but they have been so far unsophisticated and easily detectable. However, stakeholders remain vigilant and have issued advisories to warn their employees and raise awareness.

Verify (Verify Always)

Twitter – being a go-to social media tool for COVID-19 news – has in recent years scaled up its security measures. Users can easily validate the authenticity of Twitter accounts with an identifiable blue badge. For websites that mimic government websites, users can check if it matches the domain name of the government website in question as they scan top Google search results. Users should also ensure that URLs have an HTTPS prefix, although many fake domains are now also using HTTPS to trick users.

In some instances, the consequences of propagating unverified information can be dire. Media reports on fatalities as one consequence of panic-buying are surely disturbing. Social media platforms can move societies, governments, and economies, but when misused can also evoke undesirable outcomes.

Fortunately, several preventative measures (including working remotely) have been employed to slow down the spread of the virus. All of these indicators are a clear embodiment of the commitment of global authorities in addressing people’s concerns. Propagating fake news can harm public awareness and create an imbalance in a country’s needs and priorities.

In times of a pandemic, achieving common good should clearly override our individualistic tendencies. Users can practice responsible citizenship when they fact-check the links they share within their social media circles.

This article is written by Dr Mashael Al Sabah, a Senior Scientist at Qatar Computing Research Institute, part of Hamad Bin Khalifa University. The views expressed are the author’s own and do not necessarily reflect the university’s official stance.