How cybercriminals attack public using fear during COVID-19
27 March 2020
Phishing has always been a notorious tactic used by cybercriminals.
However, the sheer volume of the people affected by coronavirus and the global
impact of the situation presents a unique opportunity for cyber criminals to
capitalise on fear and confusion in the workplace. People who are already in a
vulnerable state are easier to deceive. These attacks are directed at
individuals, organisations, major corporations in both private and public
Barracuda Networks detected over a 600% increase in email scams linked to coronavirus within the last month. According to their recent report, out of 467,825 email scams detected in between March 1st and 23rd, 9116 (about 2%) of these incidents were directly corona-related spear-phishing attacks. These attacks were categorised into 3 topics and the breakdown is as follows; 77% were scams, 22% were brand impersonations, and 1% were business email compromise.
In the scam and brand impersonation categories extra vigilance is
necessary for emails offering scarce items such as medical supplies, cures and facemasks.
Numerous fraudsters are asking for investments in fake companies that claim to
be working on the development of coronavirus vaccines, and still other cyber-crime
relates to collecting donation requests to fake charities.
Especially following the recent circulation of malicious spams that impersonate the World Health Organisation (WHO), and the intelligence agencies around the world, including the National Cyber Security Centre UK, warnings are issued about fraudsters who strive to make money or get access to credentials and confidential data using public fears surrounding COVID-19.
BBC reported phishing emails that were detected in different languages and provided examples of these email scams to warn the public. A major highlight of the BBC’s report is a series of fake email campaigns mimicking the Centre for Disease Control and Prevention, that makes a claim about the coronavirus now being airborne and urges people to either follow a link to a ‘map’ or to make a donation. On the event that an individual falls prey to this scam either by clicking on the link provided or downloading an attachment, a malware software takes over the victims’ device and provides the criminal with access to sensitive data.
Overall, it is highly important to be suspicious of emails that require
immediate action and particularly of those asking for donations in
contemplation of a ‘cure’ or providing links that offer additional ‘safety
Change all of your passwords and upgrade their quality (No more choosing 123myname! as your password, use favourite phrases and a friend’s phone number prefix for example).
Contact your IT department if you are using a work device and make sure your devices are insured for data breach, protected with anti-virus and/or two-factor authentication.
If you think any money or data is stolen, report this to Action Fraud as soon as possible and if you think you or anyone you know is in immediate danger call 999.
Be cautious of any emails requesting users to open attachments or click links.
Pay close attention to any communications claiming to be from sources that you normally would not receive emails from.
Always double check email addresses of organisations you regularly communicate with.
Find credible charities, be extra cautious when providing your card details and donate directly through verified organisations’ website.
Just as you are doing for the virus: Isolate
yourself from those who may carry virus into your IT environment and be careful
to keep home devices on secure WiFi and under close observation if you have
different people with access to your work area.
Cybertonica uses Machine Learning and Artificial Intelligence to manage risk and fraud, increasing trust and growing frictionless banking and m/e-payments globally. Cybertonica’s service increases conversion and sales by up to 25% while managing card-not-present and other categories of fraud at world-class compliant standards.
Cybertonica has won
numerous distinctions and awards since its product came to market, including
the “Best Use of Payments Data Award” at Emerging Payments Awards 2018 and the
“Best Data Analytics and Science Award” at Merchant Payments Ecosystem Awards
2018. Visit cybertonica.com to join us and
build the future of Trust in Transaction™.