Profiting from a Crisis

[Reading Time – 3 minutes, 0 seconds]
What would you do if a pickpocket was caught stealing from COVID-19 patients being treated in an emergency room? You could react with shock, anger, anger, and indignation. These are health care professionals who are so focused on helping others that they lose sight of their wallets or purses.
However, this is exactly what we have in cybersecurity right at the moment: threat actors are taking advantage users around the globe whose thoughts are focused primarily on hand washing, social distancing and other life-saving defenses during the COVID-10 pandemic. These threat actors are profiting from this distraction, much like pickpockets in an emergency department.
Spear Phishing Attacks: Beware
Barracuda Networks has noticed a steady rise in spear phishing attacks related to coronavirus since 2020. Only 137 of these phishing attacks were discovered in January. This number jumped to 1,188 spear phishing attacks that were coronavirus-related in February. However, a 667% increase in attacks was observed during the first three weeks March. These attacks are increasing exponentially.
Diverse phishing campaigns are trying take advantage of our distracted attention on COVID-19. These campaigns are designed for malware distribution, user credentials theft, and to scam victims out of their cash. According to numbers, 54% of March’s phishing attacks were frauds, 34% were brand impersonation attacks and 11% were blackmail.
You can drill down to the exact attacks to see just how low cybercriminals will go.
One phishing blackmail attack saw threat actors claim they have access to the user’s personal information, including their address. If the ransom is not paid, the attackers threaten to visit and infect the user and their family with COVID-19. This attack was detected more than 1,008 times in just two days.
Fake Supplies, Fake Cures, and Fake Companies
Many phishing scams promise to sell face masks and coronavirus treatments. Scammers ask for investments in fake companies that claim they are developing vaccines. Another phishing scam asks for donations to fake charities such as the “World Health Community” (this is an organization that does not exist, but it has a name that is identical to the World Health Organization, which causes confusion).
Other phishing attacks can result in malware infecting victim’s computer. Email subject lines like “Breaking Coronavirus News Update” and “One Thing You Must Do” can be used to trick victims into clicking on the link. Phishing attacks can claim to be from the Center of Disease Control, and include a list of cases “around your area” and the advice to “Read the cases above to avoid any potential hazards.” However, clicking the link will install malware on your computer that attempts steal your Microsoft Exchange password.
Shock, outrage and anger!
What can be done? What should we do?
Last Wednesday, March 25, 2020, Namecheap announced it would no longer accept new applications for domain names that contained the words “coronavirus”, “covid,” or “vaccine” or any other versions of words or phrases alluding COVID-19. Legitimate companies and website owners may apply for domain names that contain one of these words by contacting Namecheap support and going through a manual process. This could prevent users from being confused by domain names that look authentic by excluding these words.
Protecting Yourself
This is just a small part of the overall picture. Protecting ourselves is the real burden.
These are the times to be extra cautious when reading emails. You should be skeptical about any email you receive, even if it appears genuine.
Do not click on an attachment or open a link from an attachment, even if it appears that it is from someone you trust.
Be cautious about emails that claim to be from sources you would not normally receive emails from. Remember, the CDC will not send you emails. They are very busy right now. ).
Emails that appear to be from users or organizations that you are familiar with should be treated with caution. “Brand impersonation”, a skill threat actors have sharpened to a razor’s edge, is an example.
Don’t reply to emails asking for money when you make a donation. No reputable charity accepts donations via Bitcoin wallets. You can find legitimate organizations online that you can send your money to.
These terrorists will do anything to capitalize on a crisis. Don’t aid them.