Covid-19 Is Working Well For Criminals

Uploaded on 2020-06-09 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Health & Welfare

The coronavirus pandemic have fuelled a disturbing rise in the number of cyber-attacks. As COVID-19 pushes the legitiamte economy towards recession, the cyber crime economy appears to be surging.  Furthermore, the impact of the virus has rapidly reshaped the way business is being done on the dark web, as buyers and sellers jump on the opportunity to profit from a significant chane in supply and demand.

Some criminals on the Dark Web seem to be  changing their behavior to take advantage of the special opportunities that see before them. 

Check Point Research has published a report about cyber attacks which specifically use the coronavirus pandemic. Three weeks prior to 12 May, the company recorded 192,000 coronavirus-related cyber-attacks every week, a significant 30% increase over previous weeks. During April-May 20,000 new coronavirus-related domains appeared on the Internet, and 17% of these were malicious and or suspicious.

The scale of the problem is so unprecedented that international organisations like Interpol and the World Health Organisation (WHO) have been releasing regular alerts and bulletins for the general public on covid-19 cyber-threats. Recently, Interpol’s cybercrime programme released a report, Global Landscape On Covid19 Cyberthreats, which identifies the latest modes and threats. Online scams, phishing and disruptive malware, which includes the dreaded ransomware, are the prominent modes of attack

  • “Business Email Compromise (BEC) has become the scheme of choice, involving the spoofing of supplier and client email addresses—or use of nearly identical email addresses—to conduct attacks," Interpol says. Hashtags like #WashYourCyberHands have been trending ever since to keep users up to date about the scams evolving every second.
  • Video-conferencing apps are being impersonated while platforms like Microsoft Teams and Google Meet have also been used to attract potential victims. Recently, people fell prey to phishing emails that came with the subject. “You have been added to a team in Microsoft Teams", the Check Point Research report notes. Clicking on the URL that accompanied this email would install malware on a user’s system, compromising its security. 
  • The WHO itself has been used as a decoy with receiving emails, supposedly from WHO, offering information on safety measures to avoid infection. Some users have even opened emails that claim to be a request to donate to WHO’s COVID-19 Solidarity Response Fund. The fund does exist but WHO would never mail you from, say, a Gmail account, as was the case in this instance.

The scams are not exclusivley aimed at individual users and numerous banks, real estate companies and other institutions too have been sending out SMSes and emails, asking customers to look out for suspicious calls or emails.  Phishing and other forms of cyber attacks are here to stay and next time you get an unsolicited email or a promotion campaign that looks too good to be true, think carefully before you click on it.

CheckPoint:       LiveMint:      SC Magazine:       Financial Times

You Might Also Read: 

Half Of Lockdown Remote Workers Ignore Cyber Security:

 

« Chinese Hackers Attacked EasyJet
Artificial Intelligence Takes Microsoft Jobs »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Institute for National Security and Counterterrorism (INSCT)

Institute for National Security and Counterterrorism (INSCT)

INSCT is a center for the study of national security, international security, and counterterrorism. Research programs include New Frontiers in Science, Cyber, & Technology

PortSwigger

PortSwigger

PortSwigger's Burp Suite is an integrated platform for performing security testing of web applications.

Hewlett Packard Enterprise (HPE)

Hewlett Packard Enterprise (HPE)

HPE is an information technology company focused on Enterprise networking, Services and Support.

NetMonastery DNIF

NetMonastery DNIF

NetMonastery is a network security company which assists enterprises in securing their network and applications by detecting threats in real time.

Hacker House

Hacker House

Hacker House teaches you what hackers can learn about your business and systems so that preventative solutions to protect your assets can be applied through active measures.

National Center for Manufacturing Sciences (NCMS)

National Center for Manufacturing Sciences (NCMS)

NCMS is a cross-industry technology development consortium, dedicated to improving the competitiveness of the US industrial base. Strategic initiatives include industrial cyber security.

ICTSecurity Portal

ICTSecurity Portal

The ICTSecurity Portal is an interministerial initiative in cooperation with the Austrian economy and acts as a central internet portal for topics related to security in the digital world.

CyberStream

CyberStream

CyberStream, a division of the TechStream Group, is an information & cybersecurity talent acquisition solution provider.

UKsec: Virtual Cyber Security Summit

UKsec: Virtual Cyber Security Summit

Join 100s of UK Cyber Security Leaders Online for Expert Cyber Security Talks, Strategy Insights, Cyber Resilience Tips and More.

SafeGuard Cyber

SafeGuard Cyber

The SafeGuard Cyber SaaS platform empowers enterprises to adopt the social and digital channels they need to reach customers, while reducing digital risk and staying secure and compliant.

Wazuh

Wazuh

Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.

Fenix24

Fenix24

Fenix24 is an industry leader in the incident-response space. We ensure the fastest response, leading to the full restoration of critical infrastructure, data, and systems.

Q5id

Q5id

At Q5id, we prove that your customers' digital identity and real-world identity are the same, our verification and authentication solution delivers a Proven and Secure digital identity for everyone.

Schellman

Schellman

Schellman is a leading provider of attestation and compliance services.

Sequentur

Sequentur

Sequentur is an award-winning Managed IT Services company. We are SOC 2 certified and provide Managed IT Services and Cybersecurity services to businesses nationwide.

Gleam Cloud Security Solutions (GCSS)

Gleam Cloud Security Solutions (GCSS)

GCSS Security is an information security firm providing cyber security protection with a highly skilled and experienced team focused on technology that creates best-in-class customer experiences.