Image copyright
Getty Images
“They’re exploiting the fear, uncertainty and doubt people are experiencing during the pandemic, and using the anxiety and desperation to get people to buy things or click on things they wouldn’t have otherwise,” says Morgan Wright, a former senior adviser to the US Department of State anti-terrorism assistance programme.
He’s talking about the scammers and criminals that inhabit the “dark web” who have found a new angle – anxiety over Covid-19.
Mr Wright, who is now chief security adviser at security software company SentinelOne, used to teach behavioural analysts at the US National Security Agency (NSA) about the exploitation of human behaviour.
He is now seeing some of those techniques being used on the dark web, an encrypted part of the internet that can be accessed using popular networks such as Tor.
The Tor browser is privacy-focused, meaning it can obscure who is using it and what data is being accessed. It offers bad actors a way to operate with a degree of impunity, as law enforcement find it much more difficult to track down criminals that use it.
Image copyright
Morgan Wright
Image caption
Mr Wright used to teach behavioural analysts at the US National Security Agency (NSA)
Since the beginning of the global pandemic, marketplaces on the dark web have seen a rise in Covid-19 related products and services. Sought-after N95 masks, gowns, gloves and the drug chloroquine have all been listed on these marketplaces. Last month, security software firm IntSights found blood allegedly belonging to recovered coronavirus patients was even being offered for sale.
Criminals hope a heightened sense of fear will make people rush to buy these products, and as a result these items are not cheap; an Australian Institute of Criminology report found the average fake vaccine was being sold for about $370 (£300), while one supposedly sourced from China was selling for between $10-15,000 (£8-12,000).
One of the reasons for the rise in such sales may be because many fraudsters are having to turn from their normal methods of making money on the dark web – such as selling fake flights booked using stolen airmiles – because these industries are currently dormant.
Many criminals also see an opportunity – as the majority of people are working from home, there is a greater chance of lax cyber security in place.
“There was suddenly a huge shift [on the dark web] of talking about vulnerabilities in collaboration software when they realised people were going to be working from home,” says IntSights chief security officer Etay Maor.
More Technology of Business
Phishing scams have also been on the rise. These are where fraudsters pretend to be a different organisation or person by email, hoping the person will provide some login details or personal data, which can then be used to steal money or someone’s identity.
“The phishing attacks started with those pretending to be from the NHS, and then extended to secondary organisations that are related to Covid-19 like banks or HMRC emailing about funding, grants or being furloughed,” says Javvad Malik, security advocate at traini