Red alert ‒ the hacking trick with Coronavirus

The Swiss government has changed its information campaign to red alert because of the current situation. In this latest blog article, our cyber security expert Stefan Rothenbühler describes how cyber criminals are using the fear of coronavirus for their own ends, and why the fear game nearly always works.

Since last week, the coronavirus has also become an issue in Switzerland. There are daily media reports of new infections, and the Federal Office of Public Health has even banned major events like the Basel carnival.

According to recent reports, a fear of infection by the coronavirus is also being exploited by cybercriminals for their own nefarious purposes. They are concealing malware in documents that are supposedly intended for educational purposes. In relation to the newly identified coronavirus, PDF, MP4 and DOCX files have been disguised. Their file names indicate that the recipient can download safety information about the coronavirus, whereas, in fact, the files contain a whole series of malware that encrypts and destroys data and interferes with the operation of computers and computer networks. These phishing e-mails are one of the most popular and successful means of attack used by hackers.

As a cyber security expert, I can also see parallels with cyber threats. People's fear is not only being exploited by fraudsters, who are currently selling protective masks and disinfectants at hugely inflated prices, but also by cybercriminals who are trying to "infect" their victims with fear.

Fast thinking – slow thinking

Fear almost always works, whether it relates to the coronavirus or a computer threat. Why is that? Here I would like to refer to a book I recently read. Daniel Kahneman's book "Thinking, fast and slow" describes our behaviour in case of fear very well. Kahneman distinguishes between two basic ways of thinking: fast, instinctive and emotional thinking (system 1), which can be very dangerous, and slow analytical thinking (system 2), which allows us to assess a situation with greater clarity.

Our ancestors adopted this fast, instinctive way of thinking, for example when it came to deciding whether the shadow behind a bush was a lion or just a small mammal. Fast thinking could save lives. Another advantage is that the brain does not have to deal with routine stuff. For example, every morning the front door is automatically locked and you don't have to think about it again. To sum up, this kind of quick thinking saves our lives and lets us do things automatically, but there are also intrinsic dangers with it. Too often, we rely on fast thinking when slow, analytical thinking is what is needed, for example when we open an e-mail or click away a security warning.

In the following table I have put together examples of the two different ways of thinking about the coronavirus and IT security: 

  Coronavirus "routine" IT security

System 1
Fast, instinctive, emotional thinking

  • Automatically shaking hands to greet someone.
  • Sneezing into the hand instead of the crook of your arm.
  • "Someone is coughing - they must have the coronavirus."
  • Unthinking use of doorknobs or smartphones.
  • The password is entered x number of times a day.
  • "My password will expire if I don’t do something."
  • "Another macro warning - I'll click it away."
  • "I will be prosecuted if I do not do something."
System 2
Slow, analytical thinking
  • "Do I need such a large stock of emergency supplies?"
  • The recovery rate is remarkably high.
  • Providing I follow basic hygiene procedures, the risk is very low.
  • "I've never had to enter my password on a website before, there's something weird about that."
  • I have to get a macro signed off before I can run it.
  • I haven't ordered anything from that company.


The examples of fast, instinctive and emotional thinking are in conflict with the FOPH hygiene regulations and the recommendations for protecting ourselves against suspect e-mails. We are so used to acting this way that we find it difficult to alter these reflexes. By becoming aware of when we are thinking "fast" and when we are thinking "slow", we are more capable of protecting ourselves against viruses ‒ whether it is the coronavirus or computer viruses.

Protecting yourself against phishing e-mails

If you receive a suspicious e-mail, under no circumstances should you click on the link or open the attachment. Forward the e-mail to the internal Help Desk / IT Support.

Our cyber security experts have compiled the most essential techniques for detecting phishing emails in a free poster. Download it now!

Download Phishing Poster

<< >>

Cyber Security , Cyber Risks , CSIRT

Stefan Rothenbühler
About the author / Stefan Rothenbühler

InfoGuard AG - Stefan Rothenbühler, Principal Incident Responder

More articles from Stefan Rothenbühler

Related articles
Cyber Security Blog

Exciting articles, the latest news and tips & tricks from our experts on all aspects of Cyber Security & Defence.

Blog update subscription
Social Media