COVID-19 cyber scams mount against Australians

Cybercriminals are exploiting COVID-19 via a series of new scams, frauds and phishing campaigns, warns the Australian Cyber Security Centre (ACSC).

The fraud attempts and deceptive email schemes are often “COVID-19-themed” and have already had a significant impact and hit-rate.

Since March 2020, ACSC has been alerted to more than 95 reports of cybercrime activity, in which Australians have either handed over personal information or lost money. In addition, it has dealt with 20 cybersecurity incidents targeting COVID-19 crisis response teams or major national suppliers.

With assistance from Google and Microsoft, the organisation has now also disrupted more than 150 malicious websites, each with a COVID-19 theme.

The malicious foreign cyber actors often increase their hit rate by aligning their activities with major government announcements about the crisis — such as health guidance or financial relief schemes — the ACSC said.

One of the furthest-reaching scams has been an email ‘sextortion’ campaign, affecting 1900 people since 9 April.

In this campaign, scammers have demanded cash sums to stop them releasing highly personal and sensitive information, such as intimate images, about the recipient.

The Head of the ACSC, Abigail Bradshaw, said the organisation is heavily focused on protecting Australian businesses and individuals during this time, and that a number of mitigation strategies are available via its website.

“We have stopped them [cybercriminals] from accessing their own systems and prevented them from accessing information they stole,” Bradshaw said.

“I encourage all Australians to remain vigilant against the threat of cybercrime, and check our advisories so you know what to look for and what to do.”

Image credit: ©stock.adobe.com/au/ThautImages