Watch out: This fake coronavirus tracking app is a malware trap

Watch out: This fake coronavirus tracking app is a malware trap
© Tzogia Kappatou | Dreamstime.com

Finding ways to cope with the coronavirus pandemic doesn’t have to be as difficult as some people make it seem. Following guidelines put forth by federal, state and local governments, as well as official health organizations, are key.

Sadly, there are scoundrels out there putting up roadblocks making things worse. Cybercriminals are setting up malicious websites to rip people off who are simply looking for coronavirus tracking information. Tap or click here for a tracking map you can trust.

That’s just the tip of the security threat iceberg — there are plenty of other examples. The latest is a supposed coronavirus tracking app that is actually a ransomware variant.

Not everything is as it seems

Researchers at DomainTools recently discovered ransomware that is posing as a coronavirus tracking app. The app is for Android devices and is called CovidLock.

It was found on the domain coronavirusapp.site and offers a downloadable app that claims to track the coronavirus outbreak in real-time. Users are asked to download the app to have access to a tracking map.

Warning! Don’t download the app, it’s a scam.

If you download the CovidLock app, your device will be infected with ransomware. A ransom note will appear on your device that looks like this:

DomainTools

RELATED: This ransomware can lock you out of your PC

As you can see in the ransom note, the attacker demands $100 worth of Bitcoin be sent or everything on the victim’s device will be erased. It also promises to leak your contacts, social media accounts, pictures and videos online among other threats if you don’t pay. Yikes!

This is one of many reasons why you should only get coronavirus information from reputable sites. Thankfully, Android gadgets have protections built in to avoid falling victim to this attack — that’s if you’ve already set them up.

How to avoid coronavirus security threats

Since this ransomware disguised as an app is targeting Android users, there is good news. If you’re running a recent version of the Android operating system, there are protections already built-in.

Android Nougat rolled out in 2016 and came with protections against these types of attacks. So, if you’re device is running Nougat or a more recent version, you’re almost good to go.

There is one thing you must do, though. To be protected against threats like this coronavirus ransomware, you must have a password set on your device to unlock the screen. Here’s how:

Setting up lock-screen security for Android devices

Go to the Settings menu >> scroll down to the Personal section and tap Security or Security and Screen Lock >> under Screen Security, tap the Screen Lock option. From there, select which type of lock you want to use, choose either Pattern, PIN or Password.

Once you’ve set this up, every time you wake your device you’ll be asked to enter your Pattern, PIN or Password.

Now that we’re talking about security threats related to the coronavirus, there are other things to keep in mind. Here are some suggestions.

Stick with trusted sites

With so many security threats out there, you need to stick with trusted sites when looking for coronavirus information.

One trusted organization is the Centers for Disease Control and Prevention. You can find tons of helpful info, but make sure you’re going to the official site, not a spoofed one.

The best way to get there is to type the address directly into your browser. Type in cdc.gov. You can also tap or click here.

Another place for great intel is the World Health Organization. Again, make sure to type the official web address directly into your browser so you know you’re going to the right site — it’s who.int. Or tap or click here.

You may also like: How to get a coronavirus screening without leaving home

Be cautious with links 

If you get an email or text dealing with coronavirus that you find suspicious, don’t click on its links — it could be a phishing attack that leads to ransomware.

It’s better to type a website’s address directly into your browser than click a link inside an unsolicited email. Before you ever click on a link, hover over it with your mouse to see where it’s going to take you. If the destination isn’t what the link claims, do not click it.

Most people are already scared about coronavirus, and rightfully so. The last thing you need is scammers entering the pandemic looking for ways to rip you off. Unfortunately, they have zero scruples and will do whatever it takes to make a buck. Be vigilant, stick to official websites and we’ll make it through this together.

Tags: Android, CDC, coronavirus, cybercriminals, guidelines, malicious websites, malware, operating systems, pandemic, phishing, ransomware, security, security threats, World Health Organization