Cyber-security experts warn about a flood of sophisticated scams related to the coronavirus pandemic.

April 21, 2020 16:19:30
If you receive a text message that appears to be from the Federal Government about coronavirus, you should think twice before clicking on any links.
Key points:

  • Cyber criminals are using the coronavirus pandemic as a “weapon”
  • Almost 100 new scams related to the pandemic have been reported since March
  • Many scams closely mimic official government communications

As Australians use their mobile phones more than ever to stay connected, cybercriminals are sending texts and emails to try to steal confidential details from unsuspecting people.
Since March, the Australian Cyber Security Centre (ACSC) has received more than 95 reports of Australians losing money or personal information as a result of COVID-19-themed scams.
The ACSC has also responded to 20 cyber security incidents affecting either government departments or private businesses that are responding to the coronavirus crisis.
The centre’s Karl Hanmore says criminal groups are using coronavirus as a weapon online.
“Their job is to steal money [and] what they are doing is just trying to get you to click,” he says.
“What’s different is the focus.
“If, right now, there’s nothing to worry about in the footy, the only thing that they [the cyber criminals] can reliably work out you’re going to be interested in is coronavirus, and so we’ve seen a trend towards that.”
Can you spot the difference?
In one case, a text message was sent to thousands of Australians on March 30 from what appeared to be the Federal Government.
It asked recipients to click on a link to learn more about COVID-19 restrictions and how to keep safe during the pandemic.
Authorities destroyed the website, but the criminals quickly issued a new text message which claimed to be from MyGov and included a new link.
While it’s not known how many people clicked through, Australians could have easily been duped because it was widely publicised that the Federal Government had issued a legitimate text message about coronavirus.
“Cybercriminals will look at existing and legitimate content that’s out there and will model the criminal scams on what’s already out there,” Mr Hanmore explains.
“So, it’s a bit challenging for people to detect.”
While many of the scams look legitimate, Mr Hanmore says there is one simple way to protect yourself.
Think twice before clicking
The safest bet is to not click any links that arrive unexpectedly in your inbox.
“On average don’t click be a little bit circumspect,” Mr Hanmore warns.
“If you’re already expecting a message, it’s coming from a colleague, coming from a friend, of course click on the link.
“But out of the blue, someone offering you free money because of coronavirus, maybe don’t click on the link.
“If someone is talking about a cure that the mainstream media is not talking about [should you] click on a link? Probably not.”
He suggests searching online for legitimate information is a reliable way to avoid clicking on a bogus link.
“It makes it very, very hard for the scammer to get you that way.”
It’s not just text messages, but emails too
Cybercriminals are closely watching government announcements and are changing their scams within hours to reflect the latest information being issued about financial support or health advice.
Earlier this month, a Federal Government department alerted the ACSC to cybercriminals imitating a senior staff member’s email.
The email included an attachment that was designed to steal information, such as banking user names and passwords, if a person opened it.
“There’s nothing stopping a criminal pretending to be somebody else, and so they will misrepresent that they are from a government agency,” Mr Hanmore says.
The ACSC called in Australia’s major telecommunications providers and Google to help block the website.
Who is behind the attacks?
Cyber criminals, not state actors, are behind most of the reported incidents to the ACSC.
And Mr Hanmore says they are scattered across the world.
“It [would be] really nice to point to one geography, but it is not the case here. We have seen reports from Africa, Eastern and Western Europe, it is a global criminal enterprise.”
What the experts are saying about coronavirus:
Mr Hanmore recommends contacting the relevant government department or business that a message has reportedly come from, to check if the details are legitimate.
“It is a degree of applying common sense. If in doubt, go to the legitimate sources of the information, go to the website or the Department of Health,” he says.
What you need to know about coronavirus:
Contact Stephanie Borys