The “Other” Pandemic – COVID-19 Phishing
Cybercrime is an ongoing issue today, even in a state of a global pandemic. Phishing, malware and ransomware attempts are becoming more disguised and believable each day. Oftentimes, cybercriminals use current events to increase response to phishing campaigns. If you have had any conversations, watched television, or been outside your home then you are aware of the latest pandemic, the COVID-19. What you may not be aware of is the detriment that cybercriminals are manifesting based on the societal fears surrounding COVID-19.
In response, there has been a flood of phishing and spear-phishing campaigns related to COVID-19, commonly known as Coronavirus. The campaigns vary in exact messaging, but many have imitated the World Health Organization (WHO), Center of Disease Control (CDC) or HR departments issuing warnings and work-from-home guidelines. Criminals are weaponizing the fear surrounding COVID-19 in a variety of malicious campaigns. These malicious campaigns will come with various hostile links, requests for personal information, or even requests for money transfers. Many advisories have been issued explaining the need to take extra precautions to prevent users from receiving phishing attempts.
According to SKOUT Cybersecurity, A cyber security research company detected 403 users that utilize their security products were hit with 2,673 coronavirus related files that were an attempt to spread malware or steal credentials. Threat actors see this as an opportunity to steal personal and financial information via phishing emails or to spread malware or ransomware. Playing on fear or financial hardships, criminals are disguising themselves to steal money, sensitive information, and even hold your data hostage for a monetary ransom. The goal of a cybercriminal is to use emergencies, such as a health scares, to get individuals to make decisions quickly. For example, if you were to get an email from your HR department that asks you to click on a link and verify your Office 365 credentials to ensure you can work remote, how would you respond? Surprisingly, many staff members will blindly and rashly follow those instructions but would fail to notice that the sending address has a slight error and is coming from an outside source. You can imagine what happens next.
Some of these fraudulent COVID-19 emails are highly targeted, spear-phishing campaigns. For example, Japanese citizens were sent fake emails who pretended to come from their local health-care facilities. Even the contacts listed in the email resembled the actual name of local medical personnel. Another example of a fake email was targeted towards companies in the transportation sector. The spoofed sender claimed to be a World Health Organization (WHO) employee and the email provided an instructions document (attachment file) on how to check for and monitor your crew members for COVID-19 symptoms on a ship.
Always verify the authenticity of the sender by contacting the organization it claims to be from through its publicly published address or published telephone number before interacting with or responding to any email. If you are not expecting correspondence from that sender, delete the email without opening it. Do not click on any links or attachments in the email. Instead, type the known URLs manually into your browser or use previously created bookmarks to access any websites or pages referenced in the email links. Legitimate companies do not send unsolicited emails to verify sensitive information. It should be something that was initiated from the user’s end. If you have entered your credentials into a COVID-19 related phishing website, please contact NexusTek immediately to determine your risk level and potential remediation steps.
If you are a target of these phishing attempts, please report the email to your IT or cybersecurity provider as soon as possible. If you do not have a cybersecurity provider, please contact NexusTek to ensure your network is as secure as possible. Using cutting-edge tools like SKOUT Cybersecurity, NexusTek is providing clients with enhanced cybersecurity monitoring and response. NexusTek partners with many strategic companies such as SKOUT Cybersecurity, Barracuda Networks, and other key players in the cybersecurity field to offer a wide range of cybersecurity services like monitoring, response, training, assessments, email security and more.
With the influx of remote workforce requests, there are many cybersecurity considerations linked to pandemic fear. NexusTek is available to partner with your business and can offer cybersecurity protection and a cybersecurity consultation with one of our experts. Please contact us at the link below to start that conversation.