NCIS: Beware of Coronavirus-Themed Scams


Story Number: NNS200318-10Release Date: 3/18/2020 5:49:00 PM
A  A  A   Email this story to a friend   Print this story
From Naval Criminal Investigative Service Public Affairs

QUANTICO, Virginia (NNS) -- The novel coronavirus pandemic presents an opportunity for malicious actors to conduct spearphishing campaigns, financial scams, and disinformation campaigns via social media to collect sensitive information, steal money via fake donation websites, spread false information, and deliver malware to victims.  

Several spearphishing campaigns since January have falsely represented various healthcare organizations, including the U.S. Centers for Disease Control and Prevention and the World Health Organization. In many cases, victims receive coronavirus-themed emails requesting the victim to open an attachment or click on a link to obtain details about the coronavirus. Once a victim clicks on the attachment or link, they are directed to a malicious website requesting the victim to enter login credentials.

Law enforcement agencies have observed campaigns wherein victims received hoax emails from what appear to be the CDC requesting donations via Bitcoin to fund an “incident management system” in response to the coronavirus pandemic. Agencies also observed in February a spearphishing campaign targeting Japan-based Internet users with emails that appeared to provide information relating to coronavirus prevention. The emails included malicious Microsoft Office files that upon opening would initiate the download of a sophisticated Trojan known as Emotet.

U.S. officials have released statements advising Russia is likely behind coronavirus disinformation campaigns that are being spread via social media. Reports indicate thousands of Twitter, Facebook, and Instagram accounts have been used to spread false information about the coronavirus pandemic.

Although there is no evidence that the Department of the Navy has been targeted, NCIS urges DON personnel to remain vigilant and use the following best practices to identify and avoid online scams:

  • Use complex passwords, use different passwords for different services, and change passwords often.
  • Go directly to a trustworthy website for information rather than clicking on email attachments, links, or pop-ups.
  • Double-check a website address prior to typing it in as scammers typically slightly alter URLs so they closely resemble a legitimate URL.
  • Do not enter sensitive data such as username and password into websites that do not typically ask for it.
  • Use multi-factor authentication whenever possible.
  • Check for spelling and grammatical errors within the contents of emails or suspicious websites.
  • Keep systems updated and running antivirus software.

If you have been targeted with this scam, please report it to NCIS using the NCIS Tips app or at www.ncis.navy.mil.

NCIS is a federal law enforcement agency that investigates felony crime, prevents terrorism, and protects secrets for the U.S. Department of the Navy. NCIS employs approximately 2,000 personnel, including 1,000 federal special agents, in 41 countries and 191 locations around the world. 

To learn more about NCIS, visit www.ncis.navy.mil and follow NCIS on Facebook, Twitter, and YouTube.

Get more information about the Navy from US Navy facebook or twitter.

For more news from Naval Criminal Investigative Service, visit www.navy.mil/local/ncis/.

 
RELATED PHOTOS
NCIS Logo
NCIS helps prevent as well as investigates crimes involving Sailors, Marines, DON civil servants and family members. (US Navy graphic/released)
January 30, 2020
Navy Social Media
Sign up for email updates To sign up for updates or to access your subscriber preferences, please click on the envelope icon in the page header above or click Subscribe to Navy News Service.