The Coronavirus crooks are still out in full-force and trying to exploit us during the world-wide pandemic. Their current successes are being helped by website templates that enable the crooks to imitate companies and government agencies.

Over 300 phishing campaigns have been identified recently by researchers at cybersecurity company Proofpoint. The crook campaigns plan to steal your personal information, including your bank details.  They are authentic looking in both imagery and user interfaces. Often identical to the real thing!

Firstly, these crooks create high-quality malicious web domains quickly and easily, using these templates. And secondly, use the domains to insert into their COVID-19 phishing campaigns. Moreover, the templates available on these underground forums and marketplace feature multiple pages. Making them look even more authentic.

Organisations including the US centre for Disease Control, the World Health Organisation, the IRS, the UK’s HMRC and local councils across London are all being imitated by these crook campaigns. Fore instance, a phishing website was constructed to imitate the Canadian Government, it provided both English and French speaking options for filling in your personal details. In order to make it as authentic as possible, and all to hide their crookery. 

Sherrod DeGrippo, senior director of threat research and detection at Proofpoint, says that the “threat actors behind these sites pay attention to where people are going and what they use and take care to make their sites as credible as possible. It makes them look more legitimate and therefore more likely to gather the credentials from the user.”

It’s thought that crook campaigns related to COVID-19 will continue for as long as the outbreak. For the good part of this year, since the coronavirus pandemic, crooks have offered us cures, protective equipment and health regimes, all to exploit us during a time that we are most vulnerable.

The UK’s National Cyber Security Centre (NCSC), after a number of tip offs from a suspicious email-reporting service, have taken a number of fraudulent websites down.

The Cyber-crooks are using coronavirus as a subject to con their victims into giving away their personal information. Coupled with the rise in working from home has caused security risks for both people and the companies they work for alike.

Keep your personal information safe. During the pandemic season, take extra care!