“The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language,” the FBI notice stated. The Bureau went on to outline a series of steps the public should take to help protect their privacy, to include ensuring Zoom virtual meetings are set to “private,” requiring passwords for online meetings, and locking down the ability to share screens by anyone other than the meeting host.
A spokesperson for Zoom told CNN in an email on Thursday that the company “appreciates all efforts to raise awareness around how to best prevent these kinds of attacks.”
As more and more schools have moved to online classroom learning in response to the closure of educational institutions around the country, the FBI is also providing tips for parents on how to protect their children from malicious cyber actors.
Specifically, the bureau has urged parents to closely monitor the use of educational technology and online services by children. They should “conduct regular internet searches of children’s information to monitor the exposure and spread of their information on the internet” and “consider credit or identity theft monitoring to check for any fraudulent use of their child’s identity,” according to FBI experts.
Another tactic being used by sophisticated criminal actors to prey on unsuspecting victims is the creation of fraudulent coronavirus-related websites. In a letter last week to government colleagues, the Homeland Security acting chief information officer noted that an analysis of recently-created websites associated with Covid-19 found that nearly one hundred of the sites reviewed were “actively malicious,” while over 2,000 were deemed “suspicious.”
A variation on this tactic can be found in recent efforts by cyber criminals to trick consumers into claiming their coronavirus “stimulus checks” from major stores. In one scam spotlighted this week by the FBI, criminals sent unsolicited text messages to recipients, instructing them to click on a link in order to claim a $100 “stimulus bounty” from the retailer Costco. In reality, the link redirected the user to a malicious website that then compromised the user’s phone.
The #FBI is warning the public that Costco is NOT texting (or using social media platforms) the public or its’ customers to provide a “stimulus check,” “freebies,” or a “stimulus package.” These messages, containing a malicious link, are a #SCAM. Do NOT click on the link. #fraudpic.twitter.com/PwCutAaPwO
— FBI San Diego (@FBISanDiego)
In addition to exploiting online technical features, the government has also warned that cyber criminals are taking advantage of feelings of generosity towards those impacted by the pandemic to bilk innocent victims out of money.
In a public message last month from the Secret Service, federal agents outlined how nefarious actors are actively “using social engineering tactics through legitimate social media websites seeking donations for charitable causes related to the virus. Criminals are exploiting the charitable spirit of individuals, seeking donations to fraudulent causes surrounding the coronavirus.” Members of the public were urged to be cautious in donating to causes or organizations that might be unfamiliar to them.
The Secret Service message also included a stark assessment of why cyber criminals are especially successful during periods of national crisis, noting that “any major news event can become an opportunity for groups or individuals with malicious intentions. The coronavirus is no different. In fact, the coronavirus is a prime opportunity for enterprising criminals because it plays on one of the basic human conditions…fear.”