The global outbreak of Coronavirus has caused a stir in the world. It is now a topical issue of every discussion on television, radio and print media especially in Ghana where 6 cases have been recorded. According to the World Health Organization (WHO), the virus, code-named COVID-19, has so far affected 164,837 persons in 146 countries with a death toll of 6,470 as at 11:00 GMT, March 16, 2020.
The anxiety and panic over coronavirus outbreak
The nature of the disease and the mystery of its spread has caused so much panic and anxiety over the mode of its infection, especially when WHO declared the outbreak a public health emergency. WHO’s declaration increased the global perspective of the disease and equally created greater panic and anxiety, making anything that purports to relate to coronavirus a source of attention.
People are eagerly seeking an in-depth information mostly through digital means to protect themselves and avoid travelling to places affected with the disease. While a search is ongoing to find a vaccine or a cure, cybercriminals are taking advantage of people’s anxiety and fear to sell non-existing products, disseminate unsubstantiated claims and fake news and in the process steal valuable confidential data. There have been claims from multiple sources purporting to suggest that, certain anti-malaria medications have curative tendencies for treating COVID-19. Therefore, every online information with a caption “coronavirus” tends to attract fast attention of internet users and browsers. The word “coronavirus” is perhaps one of the most searched words on the internet today, and the reason is clear.
How cybercriminals take advantage of coronavirus panic
The despair and anxiety exhibited by people in the face of seeking for coronavirus information exposes inherent vulnerabilities that make humans easy targets of cybercrime. Cybercriminals are therefore taking advantage of the human fear and uncertainty surrounding the global health emergency to launch cyberattacks. As the world continue to fight to eradicate this contagious disease, cybercriminals are also busily exploiting people’s desperation for information as a potential for cyber-attack using various methods to distribute malicious software which will aid them in accessing unauthorized and steal confidential data, disrupting digital operations and making illicit ransom money from victims.
Mode of operation by Cybercriminals
One of the methods commonly used by these cybercriminals is “social engineering”. Social engineering is the art of exploiting human weaknesses to cunningly gather sensitive and confidential information from a person. Social engineering methods use psychological tricks to create deception for people to perform an action either knowingly or unknowingly resulting to giving up confidential information.
Social engineering targets human vulnerabilities, weaknesses and flaws including anxiety, desperation, confusion, persuasion, urgency, fear, loyalty, respect, compassion, honesty, etc.
What cybercriminal do with the outbreak of COVID-19 is exploitation of people’s fears of infection to spread dubious health advice, misinformation, malware and other cyber threats.
People are anxious to learn how to avoid contacting the virus as well as desperate for news of a possible containment of the spreading outbreak. This anxiety leads to an unusual clinging to digital systems to know more about the situation. As a result, any message that carries the subject coronavirus receives easy attention including spam emails, fake websites and malicious attachments which internet fraudsters use as avenue to steal information.
The activities of cybercriminals as related to the outbreak is alarming and therefore becoming a concern. WHO has reported on their website and has cautioned people against criminals disguising themselves as WHO to steal money or sensitive information. WHO has therefore advised that, people should verify the authenticity of every email received before responding to them.
Advice to help individual and corporate internet users to safeguard their online operations amid coronavirus scams
Until the battle is over, I will urge everyone to be vigilant especially with email with string of coronavirus as a subject, as it could be a potential cybersecurity threat. Be cautious with every email with unsolicited attachment such a “Latest COVID-19 statistics, “everything about coronavirus”, “coronavirus information pack or “COVID-19 spread”. All such suspicious emails should either be ignored or deleted. Never open a suspicious email or try to download its attachment except you are sure of the source.
Verify every information source. There is currently an overload of digitized information on COVID-19 outbreak purporting to be genuine and credible, and so the need to obtain authentic information cannot be over-emphasized. Since not all information out there is factual and correct, consumers of digital services must know who to follow in the cyberspace and where to search for the right information about coronavirus on digital platforms.
One of the creditable websites to find authentic information and guidance regarding the outbreak of coronavirus is WHO’s website (https://www.who.int).
It is only natural that humans will continue to display desperation for information leading to the coronavirus control and eradication therefore it is very important for the public to exhibit caution, exercise calmness, and should not allow their desperations or anxiety over the spread of the disease to negatively influence their online behaviours.
Author: Seth Frimpong-Manso
Chief Information Security Officer, Opportunity International (Member, Institute of ICT Professionals, Ghana)
For comments, contact firstname.lastname@example.org
Mobile: +233 0247880121/0277440376