Apr 15, 2020 - Technology

Coronavirus misinformation seeds ground for digital scams

Illustration: Eniola Odetunde/Axios

Fear of the coronavirus and misinformation about the pandemic have created a pool of targets for online scammers.

The big picture: Misinformation around COVID-19 is rampant online, from phony cures to outlandish claims that 5G wireless signals cause the illness. Cybersecurity analysts are also seeing an explosion in phishing and other digital cons that base their scams on these popular coronavirus myths.

What's happening: Researchers at cybersecurity auditor NormShield found a massive uptick in the first three months of 2020 for new domains that make reference to chloroquine and hydroxychloroquine.

  • Those are malaria drugs that President Trump and others have suggested could be an effective treatment for COVID-19, but they have not been proven effective for that use and can have dangerous side effects.
  • The sharpest increase in the new domains came after President Trump first mentioned the drug in a March 19 White House briefing.
  • Many of them hosted phishing websites that purported to be online pharmacies where people could buy the drug, but were actually operations to lift visitors' credit card numbers and other billing and personal information.
  • "Bad actors prey on people's fears, and they prey on people's greed, and in this particular case, they're preying on people's fears," NormShield chief security officer Bob Maley told Axios.

That same dynamic is playing out across a wide range of coronavirus misinformation, said Ryan Kalember, who leads cybersecurity strategy for Proofpoint.

  • He said misinformation that Proofpoint has seen powering scams includes conspiracy theories that either China or the U.S. military developed coronavirus as a bioweapon; overstated claims about hydroxychloroquine and other drugs; and claims that the government has developed a cure or vaccine but is withholding it from the public.

Between the lines: Misinformation about the pandemic and scams related to it are each independently seeing rapid and massive growth.

  • Yonder, an artificial intelligence startup that monitors mis- and disinformation, recently found that it now takes 3 to 14 days for misinformation involving the coronavirus to spread from fringe platforms like 4chan forums to coverage in mainstream press outlets. It typically takes 6 to 8 months for that to happen with other topics, according to Yonder.
  • At the same time, coronavirus scams across the board are exploding, aimed at both individual consumers and institutions like large corporations and health networks. They include phishing emails — often from lookalike domains aping companies, government agencies and public health organizations asking users to give up login or financial information or click on a malware link — as well as phony websites like the fake hydroxychloroquine pharmacies.
  • These cons appear to be conducted by the same actors long responsible for the bulk of online scams around the world, cybersecurity experts told Axios — primarily, practiced operations out of West Africa and Eastern Europe.
  • "There's no new tradecraft," said Kalember. "They're just seeing that coronavirus lures are increasing their click rate like nothing they've ever seen before."

The bottom line: Classic online scams like "Nigerian prince" emails are often rife with misspellings and obvious errors that serve as a kind of natural filter.

  • Cons are more likely to work on people who are gullible enough to ignore such signals and reply to a scam email or blindly click on a phishing link in the first place.
  • Similarly, people who are already falling for coronavirus misinformation make readymade targets for scammers.

Go deeper

Updates: George Floyd protests continue for 9th day

Demonstrators march on Pennsylvania Avenue on June 3. Photo: Tom Williams/CQ-Roll Call, Inc via Getty Images

Largely peaceful protests over the death of George Floyd and other police-related killings of black people continued Wednesday, marking nine straight days of demonstrations.

The latest: As several major cities moved to lift curfews, NYPD officers "aggressively" dispersed large crowds in Brooklyn and Manhattan beyond New York City's 8 p.m. curfew, per the New York Times. The National Guard was stationed outside many protests Wednesday night, including in Hollywood and Atlanta.

Trump hits back at Mattis: "I gave him a new life"

President Trump speaks at the White House. Photo: Doug Mills - Pool/Getty Images

President Trump unloaded on his former defense secretary via Twitter on Wednesday, hours after James Mattis condemned him for making a "mockery of our Constitution" in his response to mass protests in the wake of George Floyd's killing.

What he's saying: "Probably the only thing Barack Obama & I have in common is that we both had the honor of firing Jim Mattis, the world’s most overrated General. I asked for his letter of resignation, & felt great about it. His nickname was 'Chaos', which I didn’t like, & changed it to 'Mad Dog'"

Obama praises young protesters, urges mayors to pursue police reforms

Former President Barack Obama called on all mayors to review their use-of-force policies and commit to policing reform in a virtual town hall Wednesday hosted by the Obama Foundation's My Brothers Keepers Alliance.

Why it matters: Obama has addressed the killing of George Floyd and the nationwide protests that followed on social media and in a Medium post, but this was his first time speaking about the past week's events on camera. His voice will add weight to the growing pressure on local, state and federal officials to pursue policing reforms.