Lauren Horne photo
Lauren Horne
May 13, 2020

"Colleagues at computer"

COVID-19 has sent millions to the unemployment line while others scramble to adapt to the cyber world of remote work. The resulting environment of desperation and increased internet usage has piqued the interest of malicious hackers. 

Now, the world is fighting a war on two fronts - against a physical virus, and an unseen army of virtual opportunists.

 

Phishing Attempts Have Increased by 667% During COVID-19

Barracuda networks saw a 667% increase in phishing attempts on individuals in the month of March. $12B has already been lost as a result of spear phishing and account takeovers. This unprecedented time of vulnerability has led to countless hijacked accounts and the theft of valuable confidential data. In fact, as of April 14, a British IT security company has identified over 1,700 malicious domains that contain the terms “Corona” or “COVID”.

Data Security Begins with Awareness

 

Data security, now more than ever, requires greater public awareness and the implementation of trusted security protocols. This is the only way to reduce and stamp out the wave of pernicious cybercriminals. It all begins with identifying the enemy and understanding how to react when a red flag is spotted. Cyber security knowledge must be disseminated at an individual and organizational level.

 

Why Are Phishing Attacks on the Rise?

Social effects caused by the global pandemic have resulted in the perfect storm of a vulnerable population and hackers with nothing but time on their hands:

  • Hackers have more time to study and exploit the vulnerability of online communities and manipulate them in unprecedented ways.
  • Hackers have greater motivation. Workers with low technical expertise are likely to fall prey to scams, while skilled groups might resort to hacking and phishing to earn a living illegally.
  • Cybercrime offers more gray areas than physical crime, and authorities may be easily thrown off the scent by expert hackers with sophisticated techniques. As such, cybercrime offenders may be brazened and intrusive in their attempts.

To make matters worse, cyber criminals aren’t only taking advantage of fear – they are also preying on solidarity and goodwill during the pandemic. While the global crisis has caused panic, it has also stirred up feelings of empathy and spurred charity. Users are more likely to be supportive of online causes, and they are also more hesitant to authenticate sources of information.

Malicious hackers veil threats in the disguise of charitable campaign newsletters with flashy sign-up buttons. These messages are viewed as genuine outreach programs, but when clicked by the recipient, they lead to system and account compromise.

 

Coronavirus Phishing Attack Examples

To leverage the COVID-19 crisis, hackers are assuming the identities of trusted agencies and organizations in their phishing attempts.

In February, a group of hackers pretending to be the CDC sent a phishing email to a manufacturing company in South Korea with the headline, “Re: nCoV: Coronavirus outbreak and safety measures in your city (Urgent)”. The disguised malware was strategically released in line with the onrush of COVID-19 information and reactive measures. Hackers are targeting populations that would be desperate for information about the virus and its consequences.

In another case, hackers assumed the fake identity of an Italian WHO employee. The scam targeted vulnerable Italian communities that have been hit the hardest by the outbreak. The phishing emails contained an attachment of “important precautions” that when opened, released a malicious Trickbot and stole confidential information from victims.

 

What Are the Most Frequent Types of Phishing Attacks?

 

According to Barracuda, the most common forms of phishing attacks involve scamming, brand impersonation, and business email compromise.

Scamming - These phishing emails are often disguised in the form of statements from the bank or friendly requests from a colleague at the office.

However, during the pandemic, hackers have been posing as government agencies and sending information about the spread of the virus within the victim's area. Often, an apparent link to an updated list of infection cases will result in a malicious payload.

Brand impersonation – This phishing technique usually invokes a tone of urgency in a message from a familiar brand, informing victims that their account has been suspended due to “suspicious activity”. The victim is then provided with a link to reset their password or clarify the issue. Clicking the link inevitably leads to a dummy site for stealing passwords or a malicious payload.

Rather than posing as familiar brands like Apple, Netflix, WhatsApp or Paypal, hackers have been impersonating healthcare and virus specialists during COVID-19. In these instances, malware attachments are usually disguised as a list of safety measures.

Business Email Compromise (BECs) –  A typical BEC scam involves phony e-mails in which the attacker poses as a trusted business executive to trick someone into wiring funds.

 

As more people work from home, hackers are targeting workplace email accounts. The subject line often indicates an urgent message of company disease management policies. Once malicious payload links are clicked inside these phishing emails, it is often too late to avoid the consequences.

 

How Can Organizations Prevent Phishing Attacks?

The risks of phishing can be significantly reduced with a holistic security approach that includes these processes:

  • Staff training in data security practices
  • Performing regular security health checks
  • Employing two-step verifications that offer an additional layer of defense

In addition to the right processes, it is also important to have the right tools to match security threats. A suite of security solutions will ensure that engineers, security officers, and CTOs can effectively mitigate risks and close security gaps.

Automated and intelligent tools like code protection will sort out phishing threats and remove human error from the equation. An arsenal of security tools and a trained staff who knows that security is everyone’s responsibility (especially when working remotely) is critical.

 


Sources

Barracuda: COVID-19: Keep Your Business Safe 

GitHub: COVID IOCS

Bloomberg: Hackers Posing as CDC, WHO Using Coronavirus in Phishing Attacks

Politico: Hackers use fake WHO emails to exploit coronavirus fears

SecurityBrief: Email attacks up 667% following rise of COVID-19 worldwide