There has been a rise in cyber attacks since the COVID-19 pandemic has shaken up the world. In addition to the recreational hackers having more free time on their hands, and thus hacking more, professional cyber-criminals are also using the global incident to further their own agendas. Below are the most common cyber attacks criminals are taking advantage of during the COVID-19 crisis.
Infosecurity Magazine quotes several vendors who have seen a rise in attacks. UK security firm Cloudflare has seen a 37% rise in phishing attempts, while Barracuda Networks has seen a jump of over 600% since the end of February in new phishing attempts. According to a report in CSO Online, some of the themes hackers are using in these emails range from analyst reports specific to certain industries and details of official government health advice to sellers offering facemasks or other information around operations and logistics during these times. The goal of these emails is to have the user install anything from ransomware and keyloggers to remote access trojans and information stealers. Many of the fraudulent emails are made to look like they are coming from the World Health Organization (WHO) or the Centre for Disease Control (CDC). Before opening any links in these types of emails, always make sure that the email really did come from one of these organizations.
In our quest for information about COVID-19, bad actors have been quick in making apps, for both iPhone and Android. While Apple has placed limits on COVID19-related apps in its App Store and Google has removed some apps from the Play store, malicious apps can still pose a threat to users. DomainTools has uncovered a site that urged users to download an Android app that provides tracking and statistical information about COVID-19, including heatmap visuals. However, the app is actually loaded with an Android-targeting ransomware now known as COVIDLock. Always be wary of downloading apps that don’t come from the Apple App Store or Goggle Play Store. Even then, always double check that the app is legitimate.
We wrote about the increase in coronavirus themed domain names in our blogs on March 9 and on March 16. At the time, CheckPoint software claimed more than 4,000 coronavirus-related domains were found to have been registered since the end of December, with 3% found to be malicious. The NCSC has reported fake sites are impersonating the US Centers for Disease Control (CDC) and creating domain names similar to the CDC’s web address to request “passwords and bitcoin donations to fund a fake vaccine.” Similar to the phishing emails, the bad domains are appearing to quench our thirst for more news, but the reality is, most of these sites are either trying to trick us out of our money, or trying to get us to download some form of ransomware. If you are desperate for COVID-19 related news, stick to traditional news sites. If you are going to the CDC or WHO website, ensure that you are actually on the correct site. Always check that the domain you are using is the correct one (no spelling mistakes, etc.).
If any of the above scenarios are keeping you up at night, please contact Uzado today for a free consultation.