Covid-19 Is Working Well For Criminals

The coronavirus pandemic have fuelled a disturbing rise in the number of cyber-attacks. As COVID-19 pushes the legitiamte economy towards recession, the cyber crime economy appears to be surging.  Furthermore, the impact of the virus has rapidly reshaped the way business is being done on the dark web, as buyers and sellers jump on the opportunity to profit from a significant chane in supply and demand.

Some criminals on the Dark Web seem to be  changing their behavior to take advantage of the special opportunities that see before them. 

Check Point Research has published a report about cyber attacks which specifically use the coronavirus pandemic. Three weeks prior to 12 May, the company recorded 192,000 coronavirus-related cyber-attacks every week, a significant 30% increase over previous weeks. During April-May 20,000 new coronavirus-related domains appeared on the Internet, and 17% of these were malicious and or suspicious.

The scale of the problem is so unprecedented that international organisations like Interpol and the World Health Organisation (WHO) have been releasing regular alerts and bulletins for the general public on covid-19 cyber-threats. Recently, Interpol’s cybercrime programme released a report, Global Landscape On Covid19 Cyberthreats, which identifies the latest modes and threats. Online scams, phishing and disruptive malware, which includes the dreaded ransomware, are the prominent modes of attack

  • “Business Email Compromise (BEC) has become the scheme of choice, involving the spoofing of supplier and client email addresses—or use of nearly identical email addresses—to conduct attacks," Interpol says. Hashtags like #WashYourCyberHands have been trending ever since to keep users up to date about the scams evolving every second.
  • Video-conferencing apps are being impersonated while platforms like Microsoft Teams and Google Meet have also been used to attract potential victims. Recently, people fell prey to phishing emails that came with the subject. “You have been added to a team in Microsoft Teams", the Check Point Research report notes. Clicking on the URL that accompanied this email would install malware on a user’s system, compromising its security. 
  • The WHO itself has been used as a decoy with receiving emails, supposedly from WHO, offering information on safety measures to avoid infection. Some users have even opened emails that claim to be a request to donate to WHO’s COVID-19 Solidarity Response Fund. The fund does exist but WHO would never mail you from, say, a Gmail account, as was the case in this instance.

The scams are not exclusivley aimed at individual users and numerous banks, real estate companies and other institutions too have been sending out SMSes and emails, asking customers to look out for suspicious calls or emails.  Phishing and other forms of cyber attacks are here to stay and next time you get an unsolicited email or a promotion campaign that looks too good to be true, think carefully before you click on it.

CheckPoint:       LiveMint:      SC Magazine:       Financial Times

You Might Also Read: 

Half Of Lockdown Remote Workers Ignore Cyber Security:

 

« Chinese Hackers Attacked EasyJet
Artificial Intelligence Takes Microsoft Jobs »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

UK Cyber Week Expo & Conference

UK Cyber Week Expo & Conference

Award-winning event organiser ROAR B2B announces the launch of UK Cyber Week and its inaugural event on 4 and 5 April 2023 at the Business Design Centre, London.

BruCON

BruCON

Brucon is Belgiums premium security and hacking conference.

Jones Day

Jones Day

Jones Day is an international law firm based in the United States. Practice areas include Cybersecurity, Privacy & Data Protection.

ThaiCERT

ThaiCERT

ThaiCERT is the national Computer Security Incident Response Team (CSIRT) for Thailand.

Council of Europe - Cybercrime Programme Office (C-PROC)

Council of Europe - Cybercrime Programme Office (C-PROC)

The Cybercrime Programme Office of the Council of Europe is responsible for assisting countries worldwide in strengthening their legal systems capacity to respond to cybercrime

ADF Solutions

ADF Solutions

ADF Solutions is a leading provider of digital forensic and media storage exploitation tools.

First Response

First Response

First Response is a Cyber Incident Response and Digital Forensic Investigation company.

Advantech

Advantech

Advantech is a leader in providing trusted innovative embedded and automation products and solutions. Activities include IoT security.

Open Systems International (OSI)

Open Systems International (OSI)

Our innovative Operations Technology (OT) solutions are highly scalable and can be deployed by various utility companies to monitor, control and optimize their real-time operations.

Institute for Cyber Security Innovation - Royal Holloway

Institute for Cyber Security Innovation - Royal Holloway

The Institute for Cyber Security Innovation aims to bring together Academia, Industry and Government to be a catalyst for applied research and innovation in cyber security policy and solutions.

Aveshka

Aveshka

Aveshka is a professional services firm focused on addressing complex threats and challenges including Cybersecurity and Information Technology.

Cyphercor

Cyphercor

Cyphercor is a leading smartphone and desktop-based two-factor authentication (2FA) provider.

National Cyber Security Authority (NCA) - Saudi Arabia

National Cyber Security Authority (NCA) - Saudi Arabia

The NCA is the government entity in charge of cybersecurity in Saudi Arabia and serves as the national authority on its affairs.

Jump Capital

Jump Capital

Jump provides series A and B capital to data-driven tech companies within the FinTech, IT & Data Infrastructure, B2B SaaS and Media sectors.

L3Harris Technologies

L3Harris Technologies

L3Harris Technologies is a global aerospace and defense technology innovator, delivering solutions to meet mission-critical needs across air, land, sea, space and cyber domains.

F1 Security

F1 Security

F1 Security provides a family of web security solutions including web application firewalls, web shell detection solutions, and web shell scanners.

CyberHub

CyberHub

CyberHub is an educational platform that offers professional courses and knowledge sharing through articles and videos to help students discover their potential in cybersecurity.