Whenever there are global news headlines that generate a lot of public interest, especially stories that may cause panic, you can bet that cybercriminals will try to leverage the situation to their advantage. Such is the case with the coronavirus (COVID-19) pandemic.
Coronavirus scams abound
Last week, the SANS Internet Storm Center reported that fraudulent e-mails have begun circulating that claim to be from the World Health Organization (WHO), with a link to a deceptive Microsoft Word document that, when activated by an unsuspecting victim, attempts to disable the built-in malware protection on Windows computers, and then attempts to download Windows malware.
Similar reports have surfaced from other malware analysis labs, detailing malicious Microsoft Office (Word, Excel, and PowerPoint) documents that attempt to infect Windows PCs.
In early March, there was even a fraud site claiming to offer a “Corona Antivirus” to allegedly “combat the virus using a mobile phone app.” Obviously, this is a ridiculous claim, but scammers will try just about anything if they think they can trick a few people into giving them money or installing malware. The earliest version of this scam site asked for donations in Bitcoin, and a later rebranding of the site instead distributed Windows malware.
"Our scientists from Harvard University have been working on a special AI development to combat the virus using a mobile phone app."
"Your mobile device actively protects you against the Coronaviruses (Cov) while the app is running."
Sounds totally believable, no?
— MalwareHunterTeam (@malwrhunterteam) March 7, 2020
At this time, we are not aware of any coronavirus-related malware specifically designed to infect Macs. We will update this article if any such Mac-infecting malware is discovered.
Aside from malware campaigns, cybercriminals have been making other attempts to defraud victims. One example is a fraudulent site that deceived victims into purchasing a supposed “WHO vaccine kit” for COVID-19—even though no vaccine actually exists at this time. The U.S. Department of Justice issued an advisory on Sunday detailing its efforts to take down the scam site.
The DOJ’s COVID-19 fraud information site (justice.gov/coronavirus) advises:
If you think you are a victim of a scam or attempted fraud involving COVID-19, you can report it without leaving your home though a number of platforms. Go to:
• Contact the National Center for Disaster Fraud Hotline at 866-720-5721 or via email at email@example.com
• Report it to the FBI at tips.fbi.gov
• If it’s a cyber scam, submit your complaint through https://www.ic3.gov/default.aspx
Be aware that criminals are attempting to exploit #COVID19 worldwide through a variety of scams. If you think you are a victim of a scam or attempted #fraud involving COVID-19, you can report it without leaving your home. Learn how: https://t.co/1G8b5BBqRn pic.twitter.com/4ht7aHx3aH
— Justice Department (@TheJusticeDept) March 23, 2020
Intego is working hard to keep you safe
Several Intego customers have inquired about the impact of COVID-19 on our company operations and staff. Our teams around the globe are following local guidance and are safely working from home, and there has not been any negative impact on Intego operations.
Our threat hunters and analysts are constantly on the lookout for new Mac malware, including but not limited to any malware exploiting the COVID-19 situation. Users of Intego’s VirusBarrier X9 software—included with Mac Internet Security X9 and Mac Premium Bundle X9—can take comfort in knowing that Intego will protect you from any new malware threats.
If any coronavirus-related malware that infects Macs is discovered, VirusBarrier X9 users will be protected via automatic updates, and we will also update this article with additional information to keep you informed.
Where can I learn more?
You can avoid COVID-19 scams by sticking to safe, official sources of news and information, such as:
If you are among the many workers worldwide who’s having to work from home, be sure to read our tips for setting up a productive home work environment and routine, and listen to our latest podcast episode:
Subscribe to Intego’s e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple, security, and privacy news.