Business
Focused
Technology

IT360
IT360

Quick Links

gear service ticket iconStart a service ticket

Coronavirus Phishing Attacks Skyrocket to 30% Increase

Scammers riding the COVID-19 wave are adapting to new scenarios as the pandemic evolves. Checkpoint recently discovered that over 192,000 coronavirus-related phishing attacks per week over the past three weeks, a 30% increase compared to previous weeks. In the past three weeks, almost 20,000 new coronavirus-related domains were registered: 17% of these are malicious or suspicious.

While we all try to get used to the Covid-19 pandemic’s ‘new normal’ in our work and home lives, this year has been a time of unprecedented opportunity for cyber-criminals.  The global response to the pandemic, and our desire for the latest information about it, has supercharged criminals’ and hackers’ business-as-usual models of phishing emails and fake websites.

So why do criminals rely so heavily on phishing emails to launch attacks?  The answer is simple:  because they continue to work.

For example, cyber criminals have recently sent malicious emails posing as the WHO from the domain “who.int” with the email subject, “Urgent letter from WHO: First human COVID-19 vaccine test/result update” to lure victims. The emails contained a file named “xerox_scan_covid-19_urgent information letter.xlxs.exe “ that contained the AgentTesla malware. Victims who clicked on the file ended up downloading the malware. 

As working from home is now the norm for a majority of people during the pandemic, we have reported previously how cyber criminals were using fake Zoom domains for their phishing activity. In fact, in the last 3 weeks alone, around 2,500 new Zoom-related domains were registered (2,449). 1.5% of these domains are malicious (32) and other 13% are suspicious (320). Since January 2020 to date, a total of 6,576 Zoom-related domains have been registered globally.

Coronavirus Related-Domains

At the beginning of the outbreak, domains related to live maps (tracking geographic areas that saw a rise in coronavirus cases) were very common, as well as domains related to coronavirus symptoms. Towards the end of March, the focus turned to relief packages and stimulus payments due to the economic plans executed by several countries. Since several countries have started easing restrictions, and begun planning the return to normal life, domains related to life after the coronavirus have become more common, as well as domains about a possible second wave of the virus. Along the entire pandemic timeframe, domains related to tests kits and vaccines remain very common, with slight increases as time goes on.

For a phishing attack to be successful, it has to trick users.  So to protect yourself, be suspicious of any email or communication from a familiar brand or organization that asks you to click on a link or open an attached document, no matter how official it appears to be. New-school security awareness training can ensure your users are spotting the warning signs as they continue to work in a remote workforce. 

SOURCE: KnowBe4

Principal Owner, Law Firm

Our law firm uses IT360, Inc. for all of our technology needs. They not only provide outstanding service at a reasonable fee, but we consider them an integral part of our practice.

Principal Owner, Law Firm

Recent
Technology News

IT 360 News
Threats and Infrastructure

From Arctic Wolf SUMMARY On February 7, 2024, CISA issued an advisory detailing their discoveries concerning state-sponsored cyber actors linked to the People’s Republic of China (PRC). Notably, the PRC-affiliated threat actor, Volt Typhoon, is actively engaged in efforts to infiltrate IT networks, with the potential aim of launching cyberattacks on vital U.S. infrastructure in […]

Read more
IT 360 News
Multi-Factor Authentication

By Cybersecurity & Infrastructure Security Agency OVERVIEW Multi-factor authentication (MFA) is a layered approach to securing physical and logical access where a system requires a user to present a combination of two or more different authenticators to verify a user’s identity for login. MFA increases security because even if one authenticator becomes compromised, unauthorized users […]

Read more