[ALERT] ADVISORY ON COVID-19 DATA GIVEAWAY SPAM WARNING

Submitted by irteam on Thu, 03/26/2020 - 21:50

Background Description

As everyone is aware of Coronavirus (COVID-19) panic situation, cybercriminals are taking the opportunity to send spam message of data giveaway by clicking on the link www.internet-covid19.com.

Modus operandi:

  1. Once the user clicks the link, they are asked a series of questions related to the current Covid-19 situation, to get a reward of ‘1000GB of free internet’.
  2. After answering the questions, the user will have to forward the link to their contacts via WhatsApp/SMS in order to claim the reward.
  3. Users are then forwarded to https://www2.imaginativemechanicszz.xyz/ for another round of survey questionnaire to claim another reward of $1000 voucher from Amazon or Walmart.  
  4.  Users are again forwarded to https://www.retailproductzone.com where email address needs to be entered for the reward.  
  5.  Lastly, upon entering their email address, users are forwarded to https://www.amarktflow.com for request of personal information such as Name, Address, Phone Number, Date of Birth and Gender.

Impact

  • Users are tricked into giving out their personal information which may lead to identity theft.
  • Collected personal information may be sold to other parties.
  • Personal information can be used as a targeted list for future attacks.
  • Links may direct the user to a phishing site, and in some cases embed a malware without noticing it.

 Recommendations

  •  Do not click on any suspicious links or attachments.
  •  Do not forward the message.
  •  Ignore or delete suspicious messages or emails immediately.
  • Use anti-virus software.
  •  Update your OS and applications regularly.
  •  Apply appropriate patches and updates immediately.
  •  Perform file backups regularly in an isolated network environment.
  •  Implement filters at the email gateway to filter out emails with known malspam indicators, such as known malicious subject lines, and block suspicious IP addresses at the firewall.
  •  Consider blocking file attachments associated with malware such as .dll and .exe and .zip files which cannot be scanned by an anti-virus program.
  •  Good cyber hygiene and safe practices.