Coronavirus Used to Spread SMS Spam and Scams

An excellent article by Cathal McDaid, CTO of AdaptiveMobile Security, highlights the way tricksters are taking advantage of the coronavirus pandemic. McDaid observed that in recent weeks his business had…

…seen the rise of SMS spam attacks relating to the Coronavirus (Covid-19) pandemic, targeting vulnerable mobile network subscribers. These SMS spam attacks attempt to use the fear around the Coronavirus worldwide emergency to try to push their targets to respond to the SMS spam, and so monetise (i.e. make money from) the attack.

Other channels are also being used to exploit fear. Sadly, these kinds of attacks are not as novel as the coronavirus.

…it is not only the SMS channel that is receiving Coronavirus-themed attacks. Attacks featuring or using the pandemic are happening currently across email spam, malware and malicious domains. There is prior history here too, other previous ‘news-worthy’ disease outbreaks in the past, such as H1N1/swine flu , MERS and Ebola have also witnessed similar ‘spam outbreaks’.

McDaid identifies three categories of coronavirus spam.

  • Urgent offers – the spam message encourages the victim to obtain services like payday loans that supposedly are only available for a limited period because of the epidemic.
  • Health alerts – the victim is encouraged to sign up for information. The attacker’s goal is to obtain phone numbers and other information about their victims.
  • Medicines and equipment – recipients are urged to purchase remedies and protective gear, often of dubious benefit. There may be no intention to supply the promised goods.

Telcos may not always pay sufficient attention to preventing ‘nuisance’ messages from being delivered to their customers. This is because they may be considered to be relatively harmless, but these scams illustrate how subscribers become more vulnerable at times like these.

The full article by McDaid and his colleagues at AdaptiveMobile Security can be found here.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.