In one example noted by the ACSC, a phishing email pretends to originate from the World Health Organisation Leon Spencer (ARN)
The Australian Cyber Security Centre (ACSC) has released the details of some of the cyber scams doing the rounds across the country, with the centre receiving no fewer than 45 incident reports involving COVID-19 in the past two weeks alone.
“Since early March 2020, there has been a significant increase in COVID-19 themed malicious cyber activity across Australia,” the ACSC said in a post, dated 27 March. “The Australian Competition and Consumer Commission’s [ACCC] Scamwatch has received more than 100 reports of scams about COVID-19 in the last three months, and the volumes continue to rise.
“Between 10 and 26 March, the ACSC has received over 45 cybercrime and cyber security incident reports from individuals and businesses, all related to COVID-19 themed scam and phishing activity. The true extent of this malicious activity is likely to be much higher, as these numbers only represent those cases reported to the ACSC and ACCC,” it added.
Among the scams the ACSC has been made aware of is a COVID-19 relief payment scam involving a phishing email that offers recipients $2,500 in COVID-19 assistance payments if they complete an attached application form.
According to the ACSC, the attachment contains an embedded macro that downloads malicious software onto the recipient's device. This is just one of many such scams hitting Aussie inboxes.
Indeed, there are a number of other COVID-19 phishing emails containing malicious attachments doing the rounds, with the ACSC receiving reports of COVID-19 phishing emails that have malicious Word documents or other attachments containing embedded computer viruses.
In one example noted by the ACSC, a phishing email pretends to originate from the World Health Organisation (WHO) and invites the recipient to open the attachment for advice on safety measures to prevent the spread of COVID-19.
When opened, however, the attached file contains malicious software that automatically downloads onto the victim’s device, providing the malicious actor with ongoing access which is commonly used to install other types of malware, such as spyware or personal contact details.
Another phishing campaign doing the rounds pretends to be from an international health organisation. In this example, the sender invites recipients to click on a link, ostensibly to access information about new cases of the COVID-19 virus in their local area. However, the link sends the victim to a malicious website.
Details of the scams follow previous warnings of an SMS phishing campaign involving a malicious cyber actor that registered a COVID-19 themed website in the United States on 16 March.
According to the ACSC, shortly after the domain name was registered, members of the public in Australia began reporting receiving text messages that re-directed them to a malicious website.
“The text message appeared as though it came from the government. This technique is designed to increase the legitimacy of the message and the likelihood that the recipient will click the link,” the ACSC said.
The ACSC identified that the website was hosting a well-known banking Trojan, Cerberus, that targets Android devices and is designed to steal people’s financial information.