Global internet security company Fraudwatch International has promised to track down and report COVID-19 scams and make data on them and their domains available via real-time API access for security teams to blacklist.
The Melbourne, Australia-headquartered security firm said the move was one of several steps it was making to take on scammers, including using its own resources to “hunt down” and “take down” malicious coronavirus activity.
The comments came as growing swathes of security researchers and firms have vowed to bring the fight to cyber criminals capitalising on the pandemic, with Mikko Hyppönen, Chief Research Officer at F-Secure, among those speaking out.
Public message to ransomware gangs: Stay the f away from medical organizations. If you target hospital computer systems during the pandemic, we will use all of our resources to hunt you down.
— @mikko (@mikko) March 18, 2020
Consumers have been experiencing huge spikes in online attacks masquerading as coronavirus information and support. These attacks consist of, amongst others, malicious mobile apps, advertising of fraudulent products, fake news and either targeted or social media based phishing attacks.
As Computer Business Review recently reported, security firm Check Point said March 20 that it had seen over 6,000 new coronavirus-related domains registered in a mere week: it found 2,200 to be suspicious and confirmed 93 as malicious.
FraudWatch founder and CEO, Trent Youl said: “We have the tools, knowledge and expertise to help protect the global community.. and feel it is our social responsibility to do what we can to make a positive impact”.
Analysis by ANY.RUN, an interactive online malware analysis service, this week revealed the top 10 COVID-19 themed attacks by malware type.
The “Lokibot” spyware family (recently noted impersonating a popular game launcher to trick users into executing it) is among the chief culprits.
TOP10 #COVID19 themed attack statistic by uploads to https://t.co/245WUSORl3
Search for IOCs and samples using tag #COVID19 in public submissions: https://t.co/DqbY2v5gW5 pic.twitter.com/iBY0TDdlEq
— ANY.RUN (@anyrun_app) March 24, 2020
How Will They Do It?
Fraudwatch said it will provide lists of COVID-19 related fraudulent URLs, updated in real time, for internet service providers and other cyber security companies to block.
In March 2020, the UK’s National Fraud Intelligence Bureau (NFIB) reported that 21 cases of COVID-19-related fraud schemes alone had resulted in the loss to businesses and individuals of £800,000 in the UK alone. The NFIB cited specific examples which included the fraudulent sale of face masks and sites which promised victims a map of COVID-19 infections near them in return for a bitcoin payment.
The report concluded with this sage warning:
“Organizations have become more aware of the risks of the spread of misinformation over the past year, but there is still onus on users to ensure that the information they digest and share is legitimate. This is particularly important during global health crises, where the ramifications of misinformation can be deadly”.