The cybersecurity organization Bitdefender reported that phishing scams related to the coronavirus have been detected on Linksys and D-Link routers. Hackers taking advantage of weak passwords change the DNS IP addresses so that instead of going to a legitimate website, the user is redirected to a malicious one.
Once the user goes to the malicious website, a pop-up window appears that says “to have the latest information and instructions about coronavirus (COVID-19).” The pop-up also claims that the information is provided by the World Health Organization. When the download button is clicked, a trojan is installed that steals sensitive information. Such as user keystrokes, passwords, emails, and financial documents.
To combat this threat, users are advised to turn off remote administration on their routers, update to strong passwords for their systems, and make sure anti-virus and anti-malware programs are up to date. Also double-check the spelling of email addresses and websites for variances from legitimate ones.