Phishing / Uncategorized

Infodemic, Coronavirus and Fake News

Infodemic, Coronavirus and Fake News

Criminals are opportunistic. It’s not for nothing that the saying “opportunity breeds thieves”. The past has already shown that widely scattered news and crisis situations lead to criminals taking advantage of them, for example in the Australian bush fires at the beginning of the year. Because the corona virus activates a basic human instinct, fear, it is a breeding ground for fraud, fake news and phishing. Experts speak of an infodemic.

A history of fraud

Fraud itself is as old as mankind. There was fraud in ancient Greece. The first reliable source goes back to about 300 B.C. to a merchant named Hegestratos with his assistant Xenothemis.  In layman’s terms, his deception worked as follows: The merchant borrowed money and agreed to repay it with interest when the cargo, in Hegestratos case grain, was delivered. If the trader refused to repay the loan, the lender could demand the cargo and the boat used for transport. Hegestratos did not fill his boat with grain and wanted to sink the empty boat at sea and sell the grain by other means. The plan failed and he drowned trying to escape his crew and passengers when they caught him red-handed and he missed the dinghy that should have saved him. In addition to this, there are also stories, metaphors or comparisons in the Bible and the Qur’an that deal with fraud.

Ponzi and snowballs

Fraud is often structured according to the so-called “Ponzi scheme“. A Ponzi scheme is a special form of the snowball or pyramid system. The procedure is always similar: high returns are promised on investments, but these are only available on paper. If the investors actually demand your money at some point, you will be paid out, but only over a certain period of time. Moreover, these payouts can only be financed if deposits from other investors are used for this purpose. As a fraudster is needed as a steady inflow of new investors. There are usually no real investments or transactions that could increase the value of an investment. Such a system often collapses when a large number of investors try to get their deposits back. The fraud goes back to its inventor Charles Ponzi, who first carried out this scam in 1919.

Snowballs and Multi Level Marketing

Multi level marketing is often not exactly distinguishable from the snowball system. The boundaries are fluid. You should always ask yourself the question: “Would I buy this product at this price if I did not receive a commission for reselling the products? If you would then say “no”, it is most likely a snowball system. You can recognize flimsy Multi Level Marketing offers by the following additional aspects:

  • Earning opportunities consist mainly of benefits that are paid out for recruiting new employees*. This is often referred to as “passive income”.
  • The product which is distributed is often overpriced
  • The trading margin or commission is unusually high

None of these historical examples were dependent on widely distributed information, as these all-encompassing information flows have only been relevant since the spread of the Internet. Technology is fuelling this new type of infodemic.

Phishing and Corona

Phishing is also carried out by fraudsters and is the most modern form of fraud. Fraudsters send out e-mails that are supposed to come from reputable companies or acquaintances in order to trick people into entering passwords or credit card information on other websites. Due to the spread of e-mail communication and e-commerce, the number of these scams has increased enormously in recent years. Currently, cyber criminals are taking advantage of the insecurity in the population and sending phishing mails pretending to be from a medical organization. In one case, according to the American Secret Service, there was an attachment that infected the victims with malicious software when they opened the attachment.

More fraud around Corona

In addition, more and more websites are being discovered that exploit social engineering and appear as legitimate articles in social media. Frequently there are calls for donations to fight the coronavirus, but most of the time, the criminals behind them are just criminals who want to get rich. In the medical context, an increased number of frauds has also been detected. Often medical material is offered for sale, which can be used for prevention/protection against corona. The sellers allegedly send the materials only after advance payment, but the products are never delivered.

Infodemic as a side effect of the pandemic

As if the current scams around Corona were not enough, there is another development that should be of concern to us: The sheer endless flow of information about what to do and what not to do now, and most importantly, what is yet to come. This uncertainty causes many people to worry and makes them popular targets for fake news campaigns and especially vulnerable to the spread of this news.

“The outbreak and response to COVID-19 is accompanied by a massive ‘infodemic’ – an overabundance of information, some correct and some not – making it difficult for people to find trusted sources and reliable guidance when you need it,” Dr Margaret Harris, a leading WHO physician, told the National Observer from Canada.

Unfortunately, misinformation about health and disease prevention issues has a particularly drastic effect. According to this study, in order to counteract the negative effects of bad advice, bad advice must not exceed 30% of the total information provided around a disease outbreak. It is of course difficult not to exceed 30% in times of social media. A tweet with erroneous information can spread rapidly, especially in times of uncertainty, and negate all communication work of official bodies. The American CDC already noted this during the Ebola outbreak 2014-2016. In addition to this, incorrect information within an infodemic leads to further uncertainty and to a destabilization of society.

The stock markets are also not prepared for the dissemination of false information. In 2013, for example, false information was spread that Barack Obama was injured in an explosion at the White House. As a result of this one tweet, the S&P index fell by 0.9%, which corresponds to a monetary value of 130 billion dollars.

A current wave of misinformation is, for example, that an acquaintance of an acquaintance is working at a local, regional or national crisis prevention agency and has given the advice to stock up on food, as the complete lockdown is imminent in 48h and supermarkets are closing. This information was sent as a WhatsApp message. This is an interesting aspect, as false information has spread increasingly via Facebook, Twitter or other social networks in previous infodemic. In addition, a supposed screenshot of Focus Online made the rounds, which is supposed to show the limited opening hours of the supermarkets.

Falsche Öffnungszeiten der Supermärkte.
Wrong opening times in Germany. Quelle:

The only thing that individual grocery stores ask for is that they no longer have to do their shopping exclusively on Friday afternoon or Saturday morning so that the employees of the stores can come after them to clear the shelves.

In general, the news that ibuprofen makes the disease worse can also be categorized as wrong. This news also circulated on Whatsapp with a reference to the University of Vienna. However, this clearly indicates that this is fake news. Even garlic or the urine of cows does not help against the virus.

What can I do against fake news and fraud

The following are tips on what you can do against fraud and fake news about the Corona infodemic. We have other articles about prevention, for example in this blog post we have summarized how you can protect yourself against phishing. Here are our tips against fake news and fraud:

  • Question the source. Where does the information or the email come from? How trustworthy is this information and the institution/person who is giving you this information? It is unfortunately the case that probably no one in your environment has direct contact with the emergency planning councils. This allows you to categorize information that comes to you through an acquaintance of an acquaintance as “false”.
  • Have you started the communication? Whenever you receive an e-mail or make contact with Corona, you should ask yourself whether you have initiated this communication. If not, increased caution is required.
  • Avoid opening attachments and clicking on links in e-mails from senders you do not recognize. These attachments may contain malicious content, such as ransomware, which can infect your device and steal your information.
  • Be suspicious of emails or phone calls requesting account information or asking to verify your account. Reputable companies will never call or email you directly for this.
  • Visit Web sites by entering the domain name ( yourself. Companies typically use encryption, and certificate “errors” can be a warning sign that something is wrong with the website.
  • The WHO has published an “awareness page” where you can find the most common myths about the corona virus. Inform yourself before you make assumptions about the disease.

One thing is certain, in the aftermath of the corona crisis we are facing some construction sites in the area of information dissemination. It must be ensured that false information is identified more quickly than that. The major platforms such as Twitter and Facebook have already done quite a bit to achieve this, but it seems that the distribution is now shifting to WhatsApp, which poses a major challenge to technology in the fight against an infodemic.

Photo of author

Chris Wojzechowski

Mein Name ist Chris Wojzechowski und ich habe vor wenigen Jahren meinen Master in Internet-Sicherheit in Gelsenkirchen studiert. Ich bin geschäftsführender Gesellschafter der AWARE7 GmbH und ausgebildeter IT-Risk Manager, IT-Grundschutz Praktiker (TÜV) und besitze die Prüfverfahrenskompetenz für § 8a BSIG. Unser Brot und Buttergeschäft ist die Durchführung von Penetrationstests. Wir setzen uns darüber hinaus für ein breites Verständnis für IT-Sicherheit in Europa ein und bieten aus diesem Grund den Großteil unserer Produkte kostenfrei an.