cyber security newsletter 22

COVID-19 Cyber Threats: Phishing

Cyberthreats are constantly evolving in order to take advantage of online behaviour and trends. The COVID-19 outbreak is no exception.

Cyber criminals are exploiting the current pandemic for commercial gain by targeting individuals and organisations with COVID-19 related scams and phishing emails. We've already seen hackers attacking the World Health Organization, cyber criminals hitting a COVID-19 vaccine testing facility with ransomware, healthcare workers being targeted with Windows malware using coronavirus information as the lure and hackers targeting Zoom domains.

Phishing attempts were cited as the leading threats by 55% of respondents, followed by malicious Web sites claiming to offer information or advice about the pandemic (32%). This newsletter provides you with an overview of phishing related malicious activity. 

Cyber criminals rely on basic social engineering methods. By taking advantage of human traits such as curiosity and concern around the coronavirus pandemic, they can persuade potential victims to click on a link, download an application or open an attachment that’s been compromised.

Phishing 

Phishing is a cyber attack that uses a disguised email as a weapon. 

Examples of phishing email subject lines include: 

  • 2020 Coronavirus Updates
  • Coronavirus Updates
  • 2019-nCov: New confirmed cases in your City
  • 2019-nCov: Coronavirus outbreak in your city (Emergency). 

These emails will encourage the victim to click on a link that cyber criminals use for stealing valuable data, such as usernames and passwords, credit card. information and other personal information. 

Most phishing attempts come by email but can happen via SMS or even WhatsApp

Phishing for malware deployment 

In some cases, criminals craft an email that persuades the victim to open an attachment or download a file or an application. When the victim open the attachment the malware is executed, compromising the victim’s device. 

You should remain alert to increased cyber threats relating to COVID-19 and take proactive steps to protect yourself and your organisation. 

For genuine information about the virus, please use these trusted resources: