Experts from the National Cyber Security Centre (NCSC), UK, have warned the public to be wary of cyber-criminals using the Coronavirus outbreak to launch online attacks.
The organisation has urged businesses and the public to refer its online guidance while dealing with suspicious emails. NCSC has also initiated steps to automatically discover and remove malicious websites that use Covid-19 and Coronavirus as a lure for phishing and malware campaigns.
“We know that cyber-criminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the Coronavirus outbreak,” said Paul Chichester, director of operations at the NCSC, in the announcement.
“Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails. In the event that someone does fall victim to a phishing attempt, they should look to report this to Action Fraud as soon as possible.”
WHO last month issued an alert about cyber-criminals using the organisation’s name in phishing mails. Covid-themed email attacks are in full swing, said an F-Secure report. Malspam campaigns and mask scams led the list by the number of attacks observed, it said.
“While using current themes is nothing new for opportunistic threat actors, what’s interesting to note here is that one malware spam after another has started to use the coronavirus topic in their distribution emails,” wrote F-Secure researcher Maria Patricia Revilla Dacuno.
“Even more interesting is the usage of news information or public advisories as the basis for the email topics. This helps give validity to the email itself.”
Mask scams might seem straightforward compared to malspam campaigns, but it is a good example of social engineering, noted Patricia.
“People are already pressuring themselves to take precautions about the virus, and these advertisements try to attract them, make them feel like a solution is just a click away,”
With governments across the world enforcing steps to keep people homebound, cyber-criminals are looking to take advantage of this. Cyber-security company Mimecast has discovered a phishing email campaign with more than 300 examples targeting employees working from home.
“We see that threat actors are keeping up with the daily developments concerning the coronavirus. As the pandemic continues to spread, as more and more people are made to work from home, we are seeing more phishing emails that are trying to trick users into giving their credentials through a fake login page,” said Kiri Addison, head of data science at Mimecast.
“Threat actors are actively utilising this pandemic to attempt to compromise individual’s accounts and organisation’s networks. The potential for human error will inevitably increase in the coming weeks, at the same time I expect to see more of these phishing attempts in the coming days and weeks.”
Threat actors are clearly taking advantage of coronavirus fears and our increasing reliance on connected devices, noted Jamil N Jaffer, SVP at IronNet Cybersecurity.
“In a time where people everywhere are both concerned and dependent on reliable information, we’ve seen adversaries exploit the situation to create misinformation campaigns and undermine the confidence in our public institutions,” said Jaffer.
“Just as it is our civic responsibility to protect society from this illness in the physical realm, it is also our responsibility – government and industry alike – to work together to collectively defend from malicious actors in the cyber-realm who are using this outbreak to their benefit.”