The public are being urged to follow online safety advice as evidence emerges that criminals are exploiting the Coronavirus online.
Experts from the National Cyber Security Centre have revealed a range of attacks being perpetrated online as cyber criminals seek to exploit COVID-19.
Techniques seen since the start of the year include bogus emails with links claiming to have important updates, which once clicked on lead to devices being infected.
These ‘phishing’ attempts have been seen in several countries and can lead to loss of money and sensitive data.
The NCSC, a part of GCHQ created to keep the UK safe online, is urging businesses and the public to consult its online guidance, including how to spot and deal with suspicious emails as well as mitigate and defend against malware and ransomware.
In addition, in recent days the NCSC has taken measures to automatically discover and remove malicious sites which serve phishing and malware. These sites use COVID-19 and Coronavirus as a lure to make victims ‘click the link’.
The NCSC has seen an increase in the registration of webpages relating to the Coronavirus suggesting that cyber criminals are likely to be taking advantage of the outbreak.
These attacks are versatile and can be conducted through various media, adapted to different sectors and monetised via multiple means, including ransomware, credential theft, bitcoin or fraud.
Continued global susceptibility to phishing will probably make this approach a persistent and attractive technique for cyber criminals.
Moreover, as the outbreak intensifies, it is highly likely that the volume of such attacks will rise.
Organisations are being urged to follow cyber security best practice guidance whilst there is an increase in home and remote working.
The National Cyber Security Centre (NCSC) has published advice for UK companies to reduce the risk of cyber attack on deployed devices including laptops, mobiles and tablets, and tips to help staff spot typical signs of phishing scams.
Working from home is new for a lot of organisations and employees. Even if home working has been supported for some time, there may suddenly be more people working from home than usual, some of whom may not have done it before.
The NCSC has outlined recommended steps for organisations in:
Within the guidance there is advice on dealing with suspicious emails, as evidence emerges that criminals are exploiting the coronavirus online by sending phishing emails that try and trick users into clicking on a bad link. If clicked, these links could lead to malware infection and loss of data like passwords. The scams may claim to have a 'cure' for the virus, offer a financial reward, or be encouraging you to donate.
The guidance offers advice on spotting those emails, as well as on how to respond in the event of falling victim to a scam.
NCSC guidance helps private and public sector organisations deal with the effects of malware (which includes ransomware). It recommends steps to take before a malware infection has occurred, but also suggests steps to take if you're already infected.
View the guidance on the NCSC website
View the NCSC ransomware prevention and recovery advice
You can also see more advice in our cyber crime section
For official information about coronavirus, please refer to trusted resources such
as the Public Health England or NHS websites.
Reporting is CRUCIAL. If you think you’ve been a victim of fraud report this to Action Fraud either online at or by calling 0300 123 2040.
20 Jan 21 2:48 PM
