Many health and research organizations have created useful dashboards that keep track of the spread of COVID-19. Security experts have found that hackers are using some of these dashboards to steal users’ personal information.
The hackers design websites related to COVID-19 and prompt the user to download an application to keep updated on the situation. The downloaded application does not need an installation and does provide the user ongoing information on the spread of the virus. The false front causes a malicious binary file to be installed on the user’s computer which can be used to steal browsing history, cookies, IDs, passwords and more. Typically, the nefarious website looks like a legitimate tracking map but has a different URL from the original source.
Employees should be warned about the potential security risks associated with downloading any online application including coronavirus tracking maps.