The coronavirus is an all hands on deck situation in the healthcare field.
And also at the FBI's Internet Crime Complaint Center, the IC3.
How many coronavirus cybercrime complaints so far?
The FBI says it has investigated more than 1, 200 complaints of COVID-19 related cybercrimes as of March 30, 2020. And many of these attacks take advantage of what connects us most right now, our technology.
"Computer systems and virtual environments provide essential communication services for telework and education, in addition to conducting regular business. Cyber actors exploit vulnerabilities in these systems to steal sensitive information, target individuals and businesses performing financial transactions, and engage in extortion."
5 types of coronavirus cybercrime tracked by the FBI
In a new advisory, the FBI lists several types of cybercrime and cyberscams against individuals and organizations. Here are five examples:
- "Cyber actors have engaged in phishing campaigns against first responders."
- "Bad actors have launched DDoS attacks against government agencies."
- Cybercriminals have "deployed ransomware at medical facilities."
- Hackers have "created fake COVID-19 websites that quietly download malware to victim devices."
- Coronavirus Business Email Compromise attacks: "During this pandemic, BEC fraudsters have impersonated vendors and asked for payment outside the normal course of business due to COVID-19."
These BEC scams and cyberattacks are part of the Business Enterprise Model of cybercrime. Hear more in our podcast interview with the U.S. Secret Service:
How to guard against COVID-19 related BEC attacks
To protect yourself from BEC attacks during this pandemic and going forward, the FBI suggests you tell your end-users to watch for these warning signs:
- The use of urgency and last-minute changes in wire instructions or recipient account information;
- Last-minute changes in established communication platforms or email account addresses;
- Communications only in email and refusal to communicate via telephone;
- Requests for advanced payment of services when not previously required; and
- Requests from employees to change direct deposit information.
See the FBI's IC3 Advisory on coronavirus related cybercrime.
