Scammers are set to take advantage of Australian fears of coronavirus and public efforts to contain the disease in the coming year.
Australia and New Zealand’s national identity and cyber support service ID Care warns COVID-19 and deepfakes will be used in scams in 2021.
ID Care analysts say cybercriminals will likely target the COVID-19 vaccine rollout in the first half of the year.
Pharamceutical giants Pfizer and Moderna are already working with America’s Homeland Security department to prepare for vaccine scams.
ID Care expects scammers to pose as health officials or government agencies to harvest personal data and use vaccine conspiracy theories in phishing scams.
“This is likely to lead to an increase in phishing scams, with the intent of scaring people into clicking on harmful links,” the service said in a report.
ID Care said the solution was not to open links in emails or reply to texts you don’t recognise and be careful about cold-callers asking for personal information.
Cybercriminals could also take advantage of public efforts to contain the virus through check-ins with QR codes.
Scanning the codes at restaurants and venues has become common practice, but ID Care warns there are few legal rules for the technology or use of personal user data in Australia.
“And when you think of the information stored on there – your name, address and phone number – this information could be a honeypot for cyber criminals,” the service said.
“Then there is the additional risk those scammers are plotting new measures to implant malicious QR codes in businesses which will harvest the data entered.”
Unfortunately, there is little users can do to protect themselves and there are few warning signs for people who have been targeted.
ID Care said Australians will also need to be vigilant about deepfakes endorsing products or services in 2021.
Deepfakes are realistic videos or audio recordings of politicians or celebrities that are actually computer generated.
They have been used to sow confusion in the US and ID Care believes they could be used to trick Australians.
The service warned deepfakes will get even more convincing in 2021, so people should always get professional advice before acting upon online videos of famous people.
“And don’t believe every video clip you see of a famous person, whether it be a celebrity endorsing cryptocurrency or a President giving a “speech” via YouTube,” ID care said.
Meanwhile, established scams such as ransomware have morphed into more sophisticated and elaborate operations.
Before this year ransomware attacks involved cybercriminals infiltrating networks of businesses, encrypting data and offering a decryption key for a sum of several hundred dollars.
However, during 2020 scammers started targeting multinational firms, and rather than locking up data they threatened to publicly release it via the dark web.
ID Care said it was a double extortion technique forcing businesses to negotiate or suffer the cost of data leaks and reputation damage.
The service said many Australian firms had already been affected by this new style of ransomware attack and that would continue in 2021.
“It’s the combination of making a big financial reward and relating low risk that has led to ransomware becoming a booming and viable business model for cybercriminals,” ID Care wrote.
It advised firms to train their staff in cybersecurity so they avoid downloading malicious links from phishing emails.