By Stickley on Security | March 30, 2020
Skyrocketing Corona Virus Cybercrime
In these uncertain times, staying smart about personal health is necessary to fight corona virus (COVID-19). But we also need to stay smart about cybersecurity. True to form, cybercriminals are doing everything they can to lie, cheat, and steal their way onto your device and into your personally identifiable information (PII). Stealing finances and identities are nothing new for hackers, but what is new is the voracious rate at which they are using COVID-19 as a cover for fraudulent activity.
A recent study by Check Point Research shows a 10x increase in the average number of new, registered domains since the end of this February. It also finds thousands of new websites are popping-up overnight with corona virus-themed domains, and these are 50% more likely to be malicious. Hackers are capitalizing on COVID-19 virus fears with dramatically increased email phishing attacks, malware-laden attachments, and bogus links to compromised websites. At a time when people are vulnerable to deception, there’s one thing we can be sure of–cybercriminals are working overtime.
Many millions of users are relying on their devices for vital connections to family and friends, shopping, school, work, entertainment, and more. That means an abundance of cybercriminals are ready and waiting to dupe unsuspecting victims with their illegal schemes. Right now, COVID-19 website themes abound, with many promising trusted information to the public, and still others reassuring the purchase of products in high demand. These fake or “spoof” URLs abound, with many of them taking advantage of typosquatting, which happens when a user accidentally misspells a domain name. Below are some of the corona virus-themed attacks that are currently circling the globe, as well as digital hygiene tips for you and your device.
Malspam (malicious spam) campaigns are targeting finance, manufacturing, transportation, and pharmaceutical industries. One campaign exploits a Microsoft Office bug to install info-stealing AZORult malware on a system. This one uses a fraudulent version of the Johns Hopkins Coronavirus Map as an infected file. Other malspam offers masks and other health items for sale. Hackers take payments and send nothing in return.
To learn more about the latest fraud updates, consumer education, and tips to avoid being scammed, visit our Stickley on Security Fraud Center.