Opportunistic malicious actors are exploiting people’s concerns and desire for information about the COVID-19 pandemic by directing them towards websites designed to either install malicious software or steal personal information. In the last few weeks, the Australian Cyber Security Centre (ACSC) has observed thousands of COVID-19-related websites being registered. While the majority of these websites are legitimate, many are being created by malicious cyber actors seeking to exploit Australians during this difficult time.
The malicious COVID-19 websites are designed to look legitimate or impersonate well-known organisations, making it difficult for individuals to detect. Cybercriminals use them to install computer viruses onto people’s devices, such as banking Trojans or different variants of ransomware, in order to generate profit. In other cases, they seek to harvest user credentials, such as personal identification, passwords and bank details, which are then used to gain access to the user’s networks, devices or online financial accounts.
The ACSC, with assistance from our law enforcement and industry partners, is engaged in efforts to disrupt or prevent these malicious COVID-19 themed cyber activities. Ongoing analysis of COVID-19 scams and phishing emails indicates the majority of them are quite sophisticated, often impersonating trusted entities such as the Australian Government. The methods used are constantly evolving, with malicious actors regularly adapting their tradecraft to circumvent attempts to stop them.
Those engaged in cybercrime activity are not constrained by geographic borders and their actions can have far-reaching consequences. The ACSC is aware of reports that malicious actors based in Eastern and Western Europe, Asia and Africa have been responsible for launching COVID-19 themed malicious cyber activity, including against Australians.
The ACSC strongly encourages organisations and individuals to remain vigilant against the threat of COVID-19 themed scams, phishing emails and malicious websites.