By: Kiyoh Nganga, Criminologist and Security Expert
“Stay at home!” This is the global rallying call amidst the global COVID 19 crisis, schools are closed, offices closed, shops are closing and people are working from home.
Most of the interactions and transactions are online, basically, the globe is idle and online.
Office Meetings are happening online via zoom and skype, shopping also happening online-enabled by home deliveries, educative research and library also online.
“Stay home, work from home!”, cybercriminals are not taking this rallying call lightly, they are not idling, they are busy working from home to defraud.
The cybercriminals are taking advantage of the crisis and our reliability on the internet in solving our needs; needs for information and need for household utilities as well as our medical needs.
The question in most of our minds is where they are likely to attack and how?
Maslow’s Hierarchy of needs- safety and love of family is giving cybercriminals massive success. Our need for safety and need to protect our families during this Corona Virus pandemic is our hugest drive; Anything seemingly giving us safety from corona will trigger our immediate interest and response.
Due to the fears of contracting COVID 19, most people are looking out for websites and ads where they can buy goods online and be home delivered to their conveniences.
Shops, pharmacies and supermarkets here in Kenya have activated their websites and social media pages for online shopping and delivery.
As the world moves all online by default, scammers have not been left behind, they have also moved all online but by design.
Social engineering is the key tool cybercriminals use, they make everything seem real, authentic and legitimate. Not every advert on social media which is selling what you need is real, It is a set trap, once you transfer the amount to their account you receive nothing in return.
Recently my friend found an advert on Facebook selling the “gold of our times”; Personal Protective Equipment (PPEs)- face masks and Sanitizers. The advert was from a seemingly genuine pharmaceuticals dealer, everything looked authentic, so he engaged to order for as much as he could have for himself and his family, packets of recommended 3 Ply face masks and a pack of sanitizers. He paid for a delivery fee of amount two thousand which doubled up as deposit, it is now day 10, he is still waiting for delivery. Going back to the Facebook page he bought from, the comment section, he is not alone in the wait, there are hundreds of complaints from buyers. It was a scam.
The times we are living in are fully online, we can not afford to avoid online shopping but before you send money to buy any good online, look out for the reviews of the seller, dig deep on the comment sections for complaints, ideally only pay on delivery else you are likely to be subjected to an eternal wait.
Not all online scammers are out to sell you nonexistent goods, some just want you to invest your mercy on the pandemic we are facing globally – The COVID 19.
They have already started sending out fake donations drive using reputable Public figures names, Reputable organizations names, their logos, similar or lookalike websites.
World Health Organization (WHO) has already sent out message warning of scammers extorting money in the name of donations towards the Corona Pandemic.
We are commanded by our holy books, ” Be merciful, as God is merciful”, scammers have also read, internalized and meditated on the verse, before investing mercy and donating, kindly take time, search the organization’s website, ask, call the organisation, is it the donation drive genuine? Help where you can.
Talk of websites, as we stay at home our minds are focused on Corona Virus, people are searching for information about this killer virus, we got the urge to know more but this can only be found on search engines.
Websites have been the main source of information about coronavirus.
Can you be a victim of a crime while feeding your brain with information about corona at the safety of your home?
The answer is, Yes you can! The more you stay online searching, the more you pose risk to yourself.
While searching for health information online, you are likely to end up on a phishing site.
Phishing is a type of online scam where criminals send out fraudulent emails or messages that appear to come from a legitimate source with domains that redirect your device to other site upon clicking.
They relay messages designed to trick the recipients into entering confidential information- account numbers, usernames, passwords, pins, birthdays and security questions into a fake site.
Hackers employing this phishing method have advanced their technology, they are now sending out messages that are likely to trigger a response from the recipient by clicking a link or opening an attachment. once clicked, the link redirects your device to a site which immediately infects your device with a malware which mines sensitive data- personal, financial and business information without your authority.
This stolen information is used by the cybercriminals to either commit identity frauds or to steal directly from you by accessing your financial accounts.
Whatsapp messenger, Facebook messenger by the virtual of being the most used online messengers in Kenya has become the largest medium hackers are using to get their victims.
Recently I received a message from a WhatsApp group reading, ” To counter the Coronavirus, we offer you 1000GB of free internet connection to stay at home safely and enjoy the internet, Activate the internet package via this link” it was followed by a suspicious link.
Another one read, ” Have you seen this? What to eat to prevent coronavirus” it was followed a suspicious link.
The messages are very enticing, many are likely to click on them, the messaging is right on what is on our mind, coronavirus but only heavens, the hackers and the victims know what lay ahead. This is social engineering.
To be on the safe side while searching for information online, beware of lookalike domains, they are created to look like genuine sites of what you are looking out for but are there to redirect you to phishing sites, check on URL addresses spelling errors.
For example, Google has set up an educative site where learners can access free classes during this period of Corona, https://crassroom.google.com but on the other hand, hackers have created a phishing domain which looks like the google genuine site, https:// googloclassroom…
Be careful with emails and files received from unknown senders. Do not open unknown attachments or click on links broadcasted via messaging apps.
Not everyone wants to inform you for free, some are just there to steal from you.
Search information from known authorities and approved web pages.
Stay home and stay safe from not just corona, cybercriminals are with you online at the comfort of their homes.