As everyone is aware of Coronavirus (COVID-19) panic situation, cybercriminals are taking the opportunity to send spam message of data giveaway by clicking on the link www.internet-covid19.com.
- Once the user clicks the link, they are asked a series of questions related to the current Covid-19 situation, to get a reward of ‘1000GB of free internet’.
- After answering the questions, the user will have to forward the link to their contacts via WhatsApp/SMS in order to claim the reward.
- Users are then forwarded to https://www2.imaginativemechanicszz.xyz/ for another round of survey questionnaire to claim another reward of $1000 voucher from Amazon or Walmart.
- Users are again forwarded to https://www.retailproductzone.com where email address needs to be entered for the reward.
- Lastly, upon entering their email address, users are forwarded to https://www.amarktflow.com for request of personal information such as Name, Address, Phone Number, Date of Birth and Gender.
- Users are tricked into giving out their personal information which may lead to identity theft.
- Collected personal information may be sold to other parties.
- Personal information can be used as a targeted list for future attacks.
- Links may direct the user to a phishing site, and in some cases embed a malware without noticing it.
- Do not click on any suspicious links or attachments.
- Do not forward the message.
- Ignore or delete suspicious messages or emails immediately.
- Use anti-virus software.
- Update your OS and applications regularly.
- Apply appropriate patches and updates immediately.
- Perform file backups regularly in an isolated network environment.
- Implement filters at the email gateway to filter out emails with known malspam indicators, such as known malicious subject lines, and block suspicious IP addresses at the firewall.
- Consider blocking file attachments associated with malware such as .dll and .exe and .zip files which cannot be scanned by an anti-virus program.
- Good cyber hygiene and safe practices.