Analysis of a Coronavirus scam from a software developer point of view
With the rise of the Corona virus pandemic, there seems to be scammers who are taking advantage of this, in an attempt to defraud innocent people. This is made effective by the fear generated and the brains primal instinct to survive. It’s so convincing that with my many years of software development experience, I was almost convinced to give my banking details (primal instincts kicking in).
The following are the screenshots from the sequence of events that seem to indicate a scam. (For context I am in Toronto, Canada, therefore it might look different in your city.)
1) The Text Message
I got the above text message at 11:20 pm which states there are free surgical masks available (emphasis on free). I think to myself great, as they are out of surgical masks from all the major stores. However, the message is from http://Mask-RedCross.ca. I think to myself, when did red cross change their domain name (their actual domain name is https://www.redcross.ca/). Also why are they using unsecured http as opposed to the more secure https format where the data is encrypted using ssl certificates provided by a certificate authority.
However, I click through to the site, because why not, and also what if it’s real (the brain’s primal self preservation instinct is starting to take over).
2) The website
At first glance, the website seems like it could b legitimate i.e. it has the red cross colours. But on further inspection, a few things stick out such as, why are they asking for $ 5 for “delivery”, I thought it was free. And the biggest hint was their domain name, why are they using an IP address i.e. 126.96.36.199 as opposed to their advertised domain name even if it’s not legitimate i.e. Mask-RedCross.
I am curious now, I follow the logical flow on my mobile device.
3) Payments Screen
They then ask for payment details etc, but it seems legit at first, which threw me off. They seem to have all the subconscious markers in place such as the footer i.e.
They seem to have a charity registration number which as a person who doesn’t deal with red cross or online charities might lead me to believe in its legitimacy.
At this point I had a moment of hesitation, as I would have loved to believe this was true. Fear can make your mind make illogical decisions or lead you to believe blatantly obvious lies. And I guess this is why such scams work, as they are driven by the brains primal instinct of self preservation and survival hence makes one more easily susceptible to manipulation, which would not have worked on a normal state of events.
5) Confirming with Red Cross
To put my fears and suspicions to rest I decided to google Red Cross, which led me to the legitimate Red Cross Canada’s page i.e. https://www.redcross.ca/. This seems legit, as they use the https format which indicates ssl certificates are in place. Clicking through the site, this was the first thing I saw.
Sure enough, it was a scam!!!
Fear is an easy thing to take advantage of, and there seems to be a lot of it going around. Unfortunately, it means there will be a greater than usual amount of scams going as well. Even though not an exhaustive list hopefully this blog will give indicators of things to watch out for.
But in my subjective opinion, if you are unsure if it’s a scam or not, contact the local police or at least google the parent company the e-mail or text message seems to indicate. If the domain names don’t match it’s probably a scam.
Stay safe, stay vigilant, but remember, as the old Persian saying goes ….