How Interpol hunts down COVID-19-related cybercrimes
Dubai: As COVID-19 ravaged the planet and our lives, cyberattacks spiked with many people spending more time online amidst work from home regimes.
As global law enforcement departments notice scammers increasingly use email fraud, phishing campaigns to lure victims to buy masks, gloves and protective kits, Interpol has warned against potential scams in the name of COVID-19 vaccines.
Craig Jones, Interpol’s Director of Cybercrime, who was visiting Dubai earlier in the week, told Gulf News police and the cybersecurity industry have seen a number of targeted cyberattacks by criminals since the virus outbreak began last year. These range from malicious web domains using the word ‘COVID’ to phishing emails promising the sale of key supplies as well as vaccinations.
Jones believes that cybercriminals are exploiting the COVID-19 outbreak to cause serious harm to people and organisations. “We noticed one scam was around the emails that are sent out of sites that were set up with the latest statistics about COVID-19. When people click on the link, they are basically downloading malicious software onto their computers and give access to the criminals,” Jones said during an exclusive interview.
He said scams started originally with online purchase of masks, gloves and personal protective equipment. “People pay and believe that they will get their order, but nothing will turn up.”
As countries roll out COVID-19 vaccines, fake websites selling vaccines have also emerged. “Interpol is seeing potential scams related to vaccination. Recently, Interpol carried out operations in South Africa and China, where fake vaccinations and COVID-19 certificates were found,” Jones added, during the launch of Group-IB in the UAE. Group-IB is a global threat hunting and adversary-centric cyber intelligence company specialising in investigating and preventing hi-tech cybercrimes.
He said that vaccination scams always target countries with very low level of vaccination programmes. “The UAE has a very strong vaccination programme but some countries don’t. People then start looking online for how can they get vaccinated.”
Jones said that criminals are taking advantage of all of these trends, apart from demand for PCR certificates. To tackle this, Interpol is working to aggregate data from different countries and companies on a platform which collects data on where the victims are and how they have been attacked.
Pulling together this data gives Interpol a clear picture of the whole crime. It can then narrow down the investigation, find out where the criminals are, and work with member countries to take action.
Policing on the frontline
As part of its COVID-19 initiatives, Interpol supported policing on the frontline as the pandemic changed the role of policing in many countries as well as gather information from the countries and exchange it with others. “The world needs all the information possible to apprehend malicious actors. Interpol is partnering its 194 member countries and the private sector to use data to hunt down cybercriminals,” added Jones.
Interpol’s exchange platform shares information on the latest threats, prevention strategies, detection and investigation techniques. “The impact on one company from a ransomware attack can end their business. That’s why we need to join hands for a safer world,” said Jones.
Interpol recently set up a cybercrime desk in the Africas region, and plans to do it in the Americas region as well, he says. It is also planning to expand the Association of Southeast Asian Nations (ASEAN) desk and bring in China, Australia and New Zealand.
The organisation recently took down an organised crime group in Africa that was carrying out a global phishing campaign, he says. It worked with Group-IB, a private cybersecurity partner, and Nigerian police to arrest those actors.
Interpol also partnered the USA and Russia to take down Joker’s Stash, the world’s largest illicit marketplace for stolen credit card information. It worked with law enforcement in both countries to seize the servers used by the forum, and shut it down.