Across the world, law enforcement and intelligence agencies are waging a different kind of war on COVID-19, one taking on scammers who’re exploiting fear around the coronavirus.
In the U.K., an arm of the GCHQ intelligence agency, has spent the last month wiping COVID-19 crooks from the web, with the National Cyber Security Centre (NCSC) announcing Monday that it had taken down more than 2,000 scams in a single month.
The swindles included: 471 stores selling fraudulent coronavirus related items, 555 websites trying to launch malware on visitors, 200 phishing sites seeking personal information such as passwords or credit card details, and 832 “advance-fee frauds” where victims are duped into handing over a “set-up” payment in the belief they’ll get a large sum in return.
You can help too
The general public can now help with the NCSC effort too, as the GCHQ organization has collaborated with the City of London police to launch the Suspicious Email Reporting Service. Anyone who receives a coronavirus-related email that they believe is from a trickster can forward it to to firstname.lastname@example.org. The link will then be checked and, if it’s determined to be a phishing email, any sites linked within the message will be “removed immediately.”
“Criminals are seeking to exploit our greater use of emails, video conferencing and other technologies for their advantage,” said the U.K. minister for security James Brokenshire. “It’s despicable that they are using the coronavirus outbreak as cover to try to scam and steal from people in their homes. We all have a part to play in seeing they don’t succeed.”
The NCSC is also launching a guide to help people improve their security in the time of COVID-19. The Cyber Aware advice includes some rudimentary, simple and effective things people can do to be more secure at home, including:
1. Turn on two-factor authentication for important accounts
2. Protect important accounts using a password of three random words
3. Create a separate password that you only use for your main email account
4. Update the software and apps on your devices regularly (ideally set to ‘automatically update’)
5. Save your passwords in your browser
6. To protect yourself from being held to ransom, back up important data
Earlier this month, the NCSC and the U.S. joined forces to issue an alert about COVID-19 scams, releasing a growing list of 2,500 websites and emails to watch out for. But in better news, though cryptocurrency scammers are taking advantage of the world’s focus on the coronavirus, their profits have actually dropped 33% in dollar terms.
UPDATE: According to the NCSC, in one day of the reporting service being live, it had received more than 5,000 reports, which led to 83 malicious campaigns being taken down.