The global outbreak of Coronavirus has
caused a stir in the world. It is now a topical issue of every discussion on
television, radio and print media. According to the World Health Organization
(WHO), the virus, code-named COVID-19, has so far affected 93,166 persons in 77
countries with a death toll of 3,199 as at 17:00 GMT Wednesday, March 4, 2020.
The anxiety and panic over coronavirus
outbreak
The nature of the disease and the
mystery of its spread has caused so much panic and anxiety over the mode of its
infection, especially when WHO declared the outbreak a public health emergency.
WHO’s declaration increased the global perspective of the disease and equally
created greater panic and anxiety, making anything that purports to relate to
coronavirus a source of attention.
People are eagerly seeking an in-depth
information mostly through digital means to protect themselves and avoid
travelling to places affected with the disease. While a search is ongoing to
find a vaccine or a cure, cybercriminals are taking advantage of people’s
anxiety and fear to sell non-existing products, disseminate unsubstantiated
claims and fake news and in the process steal valuable confidential data. There
have been claims from multiple sources purporting to suggest that, certain
anti-malaria medications have curative tendencies for treating COVID-19.
Therefore, every online information with a caption “coronavirus” tends to
attract fast attention of internet users and browsers. The word “coronavirus”
is perhaps one of the most searched words on the internet today, and the reason
is clear.
How cybercriminals take advantage of
coronavirus panic
The despair and anxiety exhibited by
people in the face of seeking for coronavirus information exposes inherent
vulnerabilities that make humans easy targets of cybercrime. Cybercriminals are
therefore taking advantage of the human fear and uncertainty surrounding the
global health emergency to launch cyberattacks. As the world continue to fight
to eradicate this contagious disease, cybercriminals are also busily exploiting
people’s desperation for information as a potential for cyber-attack using various
methods to distribute malicious software which will aid them in accessing
unauthorized and steal confidential data, disrupting digital operations and
making illicit ransom money from victims.
Mode of operation by Cybercriminals
One of the methods commonly used by
these cybercriminals is “social engineering”. Social engineering is the art of
exploiting human weaknesses to cunningly gather sensitive and confidential
information from a person. Social engineering methods use psychological tricks
to create deception for people to perform an action either knowingly or
unknowingly resulting to giving up confidential information.
Social engineering targets human
vulnerabilities, weaknesses and flaws including anxiety, desperation,
confusion, persuasion, urgency, fear, loyalty, respect, compassion, honesty,
etc.
What cybercriminal do with the outbreak
of COVID-19 is exploitation of people’s fears of infection to spread dubious
health advice, misinformation, malware and other cyber threats.
People are anxious to learn how to avoid
contacting the virus as well as desperate for news of a possible containment of
the spreading outbreak. This anxiety leads to an unusual clinging to digital
systems to know more about the situation. As a result, any message that carries
the subject coronavirus receives easy attention including spam emails, fake
websites and malicious attachments which internet fraudsters use as avenue to
steal information.
The activities of cybercriminals as
related to the outbreak is alarming and therefore becoming a concern. WHO has
reported on their website and has cautioned people against criminals disguising
themselves as WHO to steal money or sensitive information. WHO has therefore advised
that, people should verify the authenticity of every email received before
responding to them.
Advice to help individual and corporate
internet users to safeguard their online operations amid coronavirus scams.
Until the battle is over, I will urge
everyone to be vigilant especially with email with string of coronavirus as a
subject, as it could be a potential cybersecurity threat. Be cautious with
every email with unsolicited attachment such a “Latest COVID-19 statistics,
“everything about coronavirus”, “coronavirus information pack or “COVID-19
spread”. All such suspicious emails
should either be ignored or deleted. Never open a suspicious email or try to
download its attachment except you are sure of the source.
Verify every information source. There
is currently an overload of digitized information on COVID-19 outbreak
purporting to be genuine and credible, and so the need to obtain authentic
information cannot be over-emphasized. Since not all information out there is
factual and correct, consumers of digital services must know who to follow in
the cyberspace and where to search for the right information about coronavirus
on digital platforms.
One of the creditable websites to find
authentic information and guidance regarding the outbreak of coronavirus is
WHO’s website (https://www.who.int).
It is only natural that humans will
continue to display desperation for information leading to the coronavirus
control and eradication therefore it is very important for the public to
exhibit caution, exercise calmness, and should not allow their desperations or
anxiety over the spread of the disease to negatively influence their online
behaviours.
Author: Seth Frimpong-Manso
Chief Information Security Officer, Opportunity International (Member, Institute of ICT
Professionals, Ghana)
For comments, contact sethiquo@yahoo.co.uk
Mobile: +233 0247880121/0277440376
Source: www.iipgh.org
