The Australian Government’s Australian Cyber Security Centre (ACSC) is aware of a COVID-19 themed scam is currently being distributed via mobile text messages.
The text message appears to come from a ‘GOV’ sender and includes a hyperlink prompting you to find out where to ‘get tested in your geographical area’ for COVID-19 symptoms.
The link in these messages is not legitimate. If clicked on, malicious software may be installed on your device, designed to obtain your banking details.
Additionally, researchers at Malwarebytes have discovered a malicious program embedded into a website. Corona-Virus-Map.com claims to provide an up-to-date coronavirus map similar to a legitimate graphic provided by John Hopkins university.
However, this map is embedded with malware, designed to obtain usernames, passwords and credit card numbers saved in your browser cache.
Cybercriminals are directing traffic towards the virtual map through email attachments, online advertising, social engineering and software vulnerabilities.
What can you do?
If you receive one of these messages,
- delete the message and
- do not click on the link.
If you have received one of these messages and
- clicked the link, or
- you’re concerned your personal or banking details have been compromised,
- contact your financial institution immediately.
You should Never click on links, attachments or meeting invitations from people or organisations you do not know.
Hover over links or email attachments to read the underlying URL. If it is not an address you recognise or trust, do not open any attachments or click the link.
If you have suffered financial loss from cybercrime, report it to ReportCyber: www.cyber.gov.au/report