Digital Shadows, an Internet risk management company, found a listing on the dark web that sells boxes of surgical masks to people infected with the coronavirus. Each box contains 2,000 masks and costs roughly $6,500.
But this listing isn’t the only one on the deep web to take advantage of the pandemic. In Ukraine, a supplier has stated that they can make 200,000 of these masks in three weeks. That time frame is too short, so the products will most likely be of poor quality.
Most of these listings and ads appeared on a dark web marketplace called the Empire. This hub is infamous for selling illicit drugs and hacking equipment to anonymous users, so it’s no wonder that they would cover medical supplies.
These sales happen on a daily basis on the darknet. However, since the pandemic was declared, sales of surgical masks have surged due to the huge global demand. Pharmacies regularly report that they are in short supply of these masks. Yet, there’s no hard evidence that a mask can help prevent the coronavirus infection.
Hacker Activity and COVID-19
Digital Shadows has managed to uncover a vast number of deep web hubs that are taking advantage of the coronavirus pandemic. These pages are actively scamming gullible people by offering “high-quality surgical masks in bulk.”
There are obvious clues to look out for when browsing these pages. First of all, none of the product photos look legitimate. More often than not, they are stock photos of masks and other items.
In addition, they tend to be images of regular surgical masks. These don’t have an advanced respirator that might help with filtering the air and stopping the virus particles from entering our system.
Sadly, these scams often succeed. In the UK alone, over £800,000 was lost to deep web scammers for selling low-quality or non-existent products at outrageous prices.
Outside of the Deep Web
Digital Shadows has also uncovered hundreds of surface web pages that sell masks at heavily discounted prices. Nearly all of them have been registered within the past few weeks.
Phishing emails have also become a frequent scamming method. Hackers are using them to swindle unsuspecting healthcare workers out of their money.
Most of these emails claim to be spreading “coronavirus awareness.” Senders usually pose as IT teams from within healthcare organizations. One sample email that Sky News reported on mentions organizing an online seminar where they can discuss the virus. At the end of the email, the sender provides a registry link.
If someone clicks on that link, it takes them to a third-party website that looks like a web app. Registering on any of these websites is dangerous since they save your private information, which the hackers can use later on.