Watch Out For COVID-19 Phone App Scams

As reported on ABCnews.com, Android users must watch out for COVID-19 phone app scams. These hacks are designed to track the spread of COVID-19 but instead insert malware that will compromise users’ devices and personal information.

DomainTools’ senior security engineer and malware researcher Tarik Saleh said his firm identified new malicious Android phone app scams that advertises an ability to track the spread of the COVID-19 virus near you.

The app is “a pretty clever lure,” he said, encouraging the victim to “enable full device control” in order to track when a known COVID-19 patient is in your vicinity.

Once a user authorizes the app with those broad permissions, they are then hit with this ransom message: “YOUR PHONE IS ENCRYPTED: YOU HAVE 48 HOURS TO PAY 100$ IN BITCOIN OR EVERYTHING WILL BE ERASED.”

COVID-19 phone app scams

The threatening message continues: “What will be deleted? Your contacts, your pictures and videos, all social media accounts will be leaked publicly and the phone memory will be completely erased.”

“It masquerades as coronavirus tracking app but in reality it locks you out of your phone and demands a ransom to get back in,” Saleh said. ”There’s a lot of really scummy people out there right now taking advantage of the situation.”

Avoid phishing COVID-19 phone app scams

U.S. Attorney Terwilliger also highlighted “phishing scams,” in which “scammers posing as national and global health authorities … are sending phishing emails designed to trick recipients into downloading malware or providing personal identifying and financial information.”

Cybersecurity researchers at Kaspersky Lab, for example, detected a sophisticated phishing scam email that supposedly comes from the World Health Organization and offers helpful tips to avoid infection but, in reality, takes email users who click on the link to a site that steals your personal information.

“This scam looks more realistic than other examples we have seen lately,” said Tatyana Shcherbakova, a senior web content analyst for Kaspersky Lab, “such as alleged donations from the World Bank or IMF for anyone who needs a loan.”

U.S. Attorney Terwilliger urged people to “be wary of unsolicited emails offering information, supplies, or treatment for COVID-19 or requesting your personal information for medical purposes.”

Working from home

For more advise on safely working from home, read a recent blog from ClickAway.

ClickAway is open – essential business

Here at ClickAway, we’ve been told by state authorities we are an essential business and to remain open during the Coronavirus shelter-in-place orders. Home office services such as connectivity and well-functioning computers are essential to our new and expanding remote work force in the Bay Area. Please note our biosafety procedures.