SCAM ALERT PART TWO: Watch Out For These Risky COVID-19 Websites And Emails

A report from cybersecurity company Recorded Future noted a significant rise in website registrations related to the COVID-19 virus, some of which it believes are being used to either pilfer information from recipients or infect them with malware.

Lindsay Kaye, director of operation outcomes at Recorded Future, specifically called out the following domains as potentially dangerous:

• coronavirusstatus[.]space

• coronavirus-map[.]com

• blogcoronacl.canalcero[.]digital

• coronavirus[.]zone

• coronavirus-realtime[.]com

• coronavirus[.]app

• bgvfr.coronavirusaware[.]xyz

• coronavirusaware[.]xyz

Forbes also had Bernardo Quintero, founder of the Google-owned malware repository and anti-virus testing service VirusTotal, take a look at the domains reported by Recorded Future.  He said the following websites also showed signs of malicious behavior, as they’re being detected by anti-virus software:

• corona-virus[.]healthcare

• survivecoronavirus[.]org

• vaccine-coronavirus[.]com

• coronavirus[.]cc

• bestcoronavirusprotect[.]tk

• coronavirusupdate[.]tk

To avoid any risk, avoid visiting any of those websites. If you see any emails coming from such domains (e.g. those sent from @coronavirusstatus[.]space addresses) or if they’re linked in any emails, it’s worth taking extra precautions. Don’t click on any links within the email and don’t open any attachments. Simply close the email and delete to avoid further risk.

A significant number of additional coronavirus-related domains have been registered in recent days, and whilst they hadn’t yet been linked to criminal activity, they may do in the coming weeks.

There are, for instance, domains registered that appear to come from the Centers for Disease Control and Prevention (CDC), when in fact they’re from dangerous spammers. Researchers have already found one malware that was spread via the legitimate-looking email address CDC-Covid19@cdc[.]gov. And, as previously reported, there is at least one malicious coronavirus map that secretly installs malware that can steal information from victim PCs.

“It is advisable to treat all emails regarding the COVID-19 outbreak with caution,” wrote Recorded Future.

Phishing email examples

Cybersecurity company FireEye provided Forbes with a handful of example spam emails. Often such scams will ask you to click on a link or attachment so that you can get more information about protecting yourself from coronavirus.

Again, if you see anything that looks like they following, it’s wise to close and delete the email, and not click on links or attachments.

Here are some of the attachments being sent in COVID-19 phishing emails. If you’ve downloaded something similar to this, run your antivirus and any other security tools that can help you check for infection.