April 2, 2020updated 07 Apr 2020 10:34am

Cybercriminals are using bots to feed coronavirus fears

By Ellen Daniel

The ongoing Covid-19 coronavirus pandemic has led to a surge in malicious bot activity online, according to research by cybersecurity software company Radware.

Bots are computer programs that are automated to do a certain repetitive task, with examples including Googlebots, which crawl web pages to add them to search engine results pages, and chatbots.

However, bots can also carry out malicious activity, carrying out tasks such as credential stuffing, content scraping, DDoS attacks and brute force attacks.

Bad actors have been capitalising on the current fear, uncertainty and confusion, using bots, as well as other methods, to spread misinformation, scam users or carry out cyber attacks and this is affecting many industries, including social media, ecommerce and digital publishing.

Currently, 80% of scams, hacks and cyberattacks are related to coronavirus, according to research by Proofpoint, and part of this has been a rise in automated attacks.

The rise of coronavirus bots

According to research by Radware, part of its ‘The Big Bad Bot Problem’ report, bad bot traffic grew by 26% in February, with 58.1% of these bots able mimic human behaviour, making it difficult to distinguish them from genuine users and enabling them to go undetected.

27.7% of traffic on media sites was from bad bots, as malicious actors look to scrape genuine content and republish it on their own sites that can then be used to dupe users into clicking on malicious links or falling for scams.

The World Health Organisation described the spread of fake news related to the Covid-19 pandemic as an “infodemic”, and the EU’s European External Action Service has warned that Russian attackers could utilise an army of bots to spread misinformation.

However, e-commerce has been even more widely affected, with bad bot traffic making up 31.3% of total traffic. Malicious actors were particularly targeting sites selling face masks and sanitisers.

According to Radware, the motivation behind these attacks could be inventory attacks, buying large quantities of these products to sell on the black market, or scraping content to dupilcate on their own malicious websites.

The impact of this can be significant, with a rise in Covid-19-related phishing attacks, which have cost victims over £800,000 in the UK alone so far, and Radware predicts that in the coming months, the use of bad bots by cybercriminals, nation-state actors, and conspiracy theorists will accelerate due to the ongoing pandemic and the US presidential election.

This is part of a wider increase in malicious activity related to Covid-19 rapidly growing online. According to research by RSA Security, thousands of domains containing the words “coronavirus” and “Covid-19” were registered in January, with the research noting the emergence of fake ecommerce sites offering items such as face masks and hand sanitiser, fake news apps, earn-from-home scams and account takeovers aimed at the many children who are currently off school.

“While these are unprecedented times, what we are seeing in terms of fraudsters trying to cash in on the mayhem is sadly all too familiar – events such as these tend to bring out both the best and worst in people. Yet even I have been shocked at some of the brazen opportunism that is taking place,” comments Daniel Cohen, head of anti-fraud products and strategy at RSA Security.

“Fraudsters posing as WHO specialists, offering information on safety measures; texts claiming to be from the HMRC advising of “goodwill payments” from the government; ‘online friends’ tricking kids into giving up their log-in details; social media posts giving everything from two free airline tickets to a year’s worth of groceries, and more – it’s evident that fraudsters have been quick and creative in finding new ways to take advantage of the current situation. We strongly advise consumers to be on their guard.”

Read more: 80% of scams, hacks and cyberattacks now coronavirus themed.