Apr 15, 2020 - Technology

Coronavirus misinformation seeds ground for digital scams

Illustration: Eniola Odetunde/Axios

Fear of the coronavirus and misinformation about the pandemic have created a pool of targets for online scammers.

The big picture: Misinformation around COVID-19 is rampant online, from phony cures to outlandish claims that 5G wireless signals cause the illness. Cybersecurity analysts are also seeing an explosion in phishing and other digital cons that base their scams on these popular coronavirus myths.

What's happening: Researchers at cybersecurity auditor NormShield found a massive uptick in the first three months of 2020 for new domains that make reference to chloroquine and hydroxychloroquine.

  • Those are malaria drugs that President Trump and others have suggested could be an effective treatment for COVID-19, but they have not been proven effective for that use and can have dangerous side effects.
  • The sharpest increase in the new domains came after President Trump first mentioned the drug in a March 19 White House briefing.
  • Many of them hosted phishing websites that purported to be online pharmacies where people could buy the drug, but were actually operations to lift visitors' credit card numbers and other billing and personal information.
  • "Bad actors prey on people's fears, and they prey on people's greed, and in this particular case, they're preying on people's fears," NormShield chief security officer Bob Maley told Axios.

That same dynamic is playing out across a wide range of coronavirus misinformation, said Ryan Kalember, who leads cybersecurity strategy for Proofpoint.

  • He said misinformation that Proofpoint has seen powering scams includes conspiracy theories that either China or the U.S. military developed coronavirus as a bioweapon; overstated claims about hydroxychloroquine and other drugs; and claims that the government has developed a cure or vaccine but is withholding it from the public.

Between the lines: Misinformation about the pandemic and scams related to it are each independently seeing rapid and massive growth.

  • Yonder, an artificial intelligence startup that monitors mis- and disinformation, recently found that it now takes 3 to 14 days for misinformation involving the coronavirus to spread from fringe platforms like 4chan forums to coverage in mainstream press outlets. It typically takes 6 to 8 months for that to happen with other topics, according to Yonder.
  • At the same time, coronavirus scams across the board are exploding, aimed at both individual consumers and institutions like large corporations and health networks. They include phishing emails — often from lookalike domains aping companies, government agencies and public health organizations asking users to give up login or financial information or click on a malware link — as well as phony websites like the fake hydroxychloroquine pharmacies.
  • These cons appear to be conducted by the same actors long responsible for the bulk of online scams around the world, cybersecurity experts told Axios — primarily, practiced operations out of West Africa and Eastern Europe.
  • "There's no new tradecraft," said Kalember. "They're just seeing that coronavirus lures are increasing their click rate like nothing they've ever seen before."

The bottom line: Classic online scams like "Nigerian prince" emails are often rife with misspellings and obvious errors that serve as a kind of natural filter.

  • Cons are more likely to work on people who are gullible enough to ignore such signals and reply to a scam email or blindly click on a phishing link in the first place.
  • Similarly, people who are already falling for coronavirus misinformation make readymade targets for scammers.

Go deeper

As techlash heats up again, here's who's stoking the fire

Illustration: Aïda Amer/Axios

As controversies around online speech rage against a backdrop of racial tension, presidential provocation and a pandemic, a handful of companies, lawmakers and advocacy groups have continued to promote a backlash against Big Tech.

The big picture: Companies like Facebook and Google got a reputational boost at the start of the coronavirus lockdown, but that respite from criticism proved brief. They're now once again walking a minefield of regulatory investigations, public criticism and legislative threats over antitrust concerns, content moderation and privacy concerns.

Cities are retooling public transit to lure riders back

Illustration: Sarah Grillo/Axios

After being told for months to stay away from others, the idea of being shoulder to shoulder again in a bus or subway terrifies many people, requiring sweeping changes to public transit systems for the COVID-19 era.

Why it matters: Cities can't come close to resuming normal economic activity until large numbers of people feel comfortable using public transportation.

The policies that could help fix policing

 Illustration: Sarah Grillo/Axios

George Floyd's death has reignited the long and frustrating push to reform a law enforcement system whose systemic flaws have been visible for years.

Why it matters: Solving these problems will require deep political, structural and cultural changes, experts and advocates say — but they also point to a handful of specific policy changes that, while not a cure, would make a difference.