Business
Focused
Technology

Coronavirus Phishing Attacks Skyrocket to 30% Increase

Scammers riding the COVID-19 wave are adapting to new scenarios as the pandemic evolves. Checkpoint recently discovered that over 192,000 coronavirus-related phishing attacks per week over the past three weeks, a 30% increase compared to previous weeks. In the past three weeks, almost 20,000 new coronavirus-related domains were registered: 17% of these are malicious or suspicious.

While we all try to get used to the Covid-19 pandemic’s ‘new normal’ in our work and home lives, this year has been a time of unprecedented opportunity for cyber-criminals.  The global response to the pandemic, and our desire for the latest information about it, has supercharged criminals’ and hackers’ business-as-usual models of phishing emails and fake websites.

So why do criminals rely so heavily on phishing emails to launch attacks?  The answer is simple:  because they continue to work.

For example, cyber criminals have recently sent malicious emails posing as the WHO from the domain “who.int” with the email subject, “Urgent letter from WHO: First human COVID-19 vaccine test/result update” to lure victims. The emails contained a file named “xerox_scan_covid-19_urgent information letter.xlxs.exe “ that contained the AgentTesla malware. Victims who clicked on the file ended up downloading the malware. 

As working from home is now the norm for a majority of people during the pandemic, we have reported previously how cyber criminals were using fake Zoom domains for their phishing activity. In fact, in the last 3 weeks alone, around 2,500 new Zoom-related domains were registered (2,449). 1.5% of these domains are malicious (32) and other 13% are suspicious (320). Since January 2020 to date, a total of 6,576 Zoom-related domains have been registered globally.

Coronavirus Related-Domains

At the beginning of the outbreak, domains related to live maps (tracking geographic areas that saw a rise in coronavirus cases) were very common, as well as domains related to coronavirus symptoms. Towards the end of March, the focus turned to relief packages and stimulus payments due to the economic plans executed by several countries. Since several countries have started easing restrictions, and begun planning the return to normal life, domains related to life after the coronavirus have become more common, as well as domains about a possible second wave of the virus. Along the entire pandemic timeframe, domains related to tests kits and vaccines remain very common, with slight increases as time goes on.

For a phishing attack to be successful, it has to trick users.  So to protect yourself, be suspicious of any email or communication from a familiar brand or organization that asks you to click on a link or open an attached document, no matter how official it appears to be. New-school security awareness training can ensure your users are spotting the warning signs as they continue to work in a remote workforce. 


SOURCE: KnowBe4

We hired IT360 as our computer hardware and software computer consultants when the company first went into business. Since then, they have helped us purchase new software and hardware equipment that we have instituted into the law firm. Any time we needed them to be there they have been. They have solved all of our problems including: stand alone computers, networking issues, Internet access issues, and software. I would highly recommend IT360 to anybody who needs help in these areas.

Partner, Law Firm

Recent
Technology News

IT360 News
‘New VPN Configuration’ Email Tricks Microsoft 365 Users Out of Credentials

Scammers are taking advantage of the prominent use of VPNs by remote workforces to send out this very topically relevant phishing email that just wants to steal your credentials. Nearly one-third of users utilize a VPN to access work-related sites and services. From a cybercriminal’s perspective, that’s a significant chunk of people they can target. The shift to remote […]

Read more
IT360 News
BEC Isn’t Back; It Never Left

Business email compromise (BEC) attacks aren’t new, but they’re growing increasingly effective, according to Zeljka Zorz at Help Net Security. Zorz cites an article from BakerHostetler, in which two attorneys describe how BEC attacks work and why they’re so effective. The lawyers explain that BEC attacks involve targeted phishing attempts coming from spoofed or compromised email […]

Read more