Forewarned is forearmed

When working from home, it’s not easy to rapidly verify all the information that comes in online. What’s more, many ETH members are now using their own computers and WLAN. This makes it more difficult for everyone to keep their software up to date. It’s a situation that cybercriminals are exploiting. Ostensibly well-meaning emails with tips and advice on coronavirus can suddenly turn out to be cyberattacks.

Brace yourself for these types of attacks:

• Phishing emails: Hackers often send emails that appear to come from the World Health Organisation (WHO) or the Federal Office of Public Health (FOPH), and with the corresponding logo. Even traditional forms of phishing, such as fake emails that allegedly come from banks, have taken up the corona theme. The attackers are seeking to access their victim’s personal data (e.g. passwords or account numbers). Often the demands they make are startling and emotionally charged: the fraudster exerts time pressure, triggers our fear of doing something wrong or missing something, or urgently asks for help. Unfortunately, due to bad grammar, phishing mails are less easily detected nowadays, and end up more frequently in your inbox.
• Coronavirus maps: Cybercriminals are manipulating interactive web maps showing the distribution of coronavirus in order to download malware onto your computer in the background. The map display looks deceptively real and often simulates WHO or other trusted sources. Never click on links that you don’t totally trust and whose URL you don’t recognise.
•  Voice phishing: Fraudsters call in the name of the Federal Office of Public Health (FOPH), for instance, and request personal information (proof of identity, such as date of birth or bank details) from the victims. Don’t let yourself be put under pressure here! No public institution, supervisor or customer service representative will ask you, either by email or phone, for passwords or account information.
• Charity fraud: Fraudsters imitate charity appeals, via email or phone, to raise money to develop a purported vaccine for COVID-19 or to support relief agencies. Here too, the attackers exert emotional pressure, and shamelessly exploit the victim’s willingness to help.
• Shopping scams: Cybercriminals offer medical products such as respirators, disposable gloves and disinfectant sprays in fake online shops. But after the customer has paid, none of these products arrive.
• Extortion scams: The attackers demand money from the victims via email or phone call. If the victims don’t pay, the attackers threaten to infect their families with coronavirus. Here, as with all fraudulent phone calls, you can always hang up!

Although this is a long list, it doesn’t mean that while coronavirus is at large and we’re working from home the usual types of scams are at bay. Here are a couple of them:

• CEO fraud: The perpetrators impersonate a senior manager and contact an employee, either by phone or email, to ask for sensitive financial information or a transfer of money. The urgency of the matter is usually stressed, in order to put the victim under pressure. If you suspect the email or call isn’t authentic, check up on the person in question, and contact them via the official ETH phone number and email address to verify the information.
• Money mules: Fraudsters recruit victims, as financial agents for instance, by luring them with attractive or charitable offers from a bogus company. The victims receive stolen money on their bank account and have to send this money, minus their “salary”, to the attackers in a detour. What victims often don’t realise is that such financial transactions implicate them in money laundering. Since movements on their private account are easy for public prosecutors to detect when investigating crimes, they (rather than the fraudsters) are often caught. The victims are merely cannon fodder and carry all the burden – which is why they’re called money mules. So never let a third party use your bank account!

Cybercriminals are always learning. They adapt their attacks to the situation at hand and can combine the various scams above. So when you’re online or receive suspicious phone calls, a little healthy suspicion never hurts.

What to do in the face of a cyberattack:

Whether you’re working from home or at the company office, please always report incidents and suspicious activity to your IT support group or ID service desk.

If you suspect or know you’ve received a phishing email, please forward it to . The email should be forwarded as an attachment. In Outlook, use the “Forward as attachment” function.