Header Ads

Breaking News

6 ways attackers are exploiting the COVID-19 crisis


While organizations can take plenty of steps to ensure employees are well-equipped to work remotely in a secure manner, threat actors of all stripes are already taking advantage of the COVID19/coronavirus situation. Never ones to miss an opportunity, attackers are ramping up operations to spread malware via Covid19-themed emails, apps, websites and social media. Here’s a breakdown of potential threat vectors and techniques threat actors are using to attack organizations.

How attackers exploit the COVID-19 crisis

1. Phishing emails

Email is and will continue to be the largest threat vector for people and organizations. Cybercriminals have long used world events in phishing campaigns to up their hit rate, and coronavirus is no exception.

Digital Shadows reports that dark web markets are advertising COVID19 phishing kits using a poisoned email attachment disguised as a distribution map of the virus’s outbreak for prices ranging from $200 to $700.

Themes in these emails range from analyst reports specific to certain industries and details of official government health advice to sellers offering facemasks or other information around operations and logistics during these times. Payloads included in these emails range from ransomware and keyloggers to remote access trojans and information stealers.

“Our threat research team has observed numerous COVID-19 malicious email campaigns with many using fear to try and convince potential victims to click,” says Sherrod DeGrippo, senior director of threat research and detection at Proofpoint. “Criminals have sent waves of emails that have ranged from a dozen to over 200,000 at a time, and the number of campaigns is trending upwards. Initially we were seeing about one campaign a day worldwide, we’re now observing three or four a day.”

DeGrippo says around 70% of the emails Proofpoint’s threat team has uncovered deliver malware with most of the rest aiming to steal victims’ credentials through fake landing pages like Gmail or Office 365. Proofpoint says the cumulative volume of coronavirus-related email lures now represents the greatest collection of attack types united by a single theme the company may have ever seen.

Copyright © 2020 IDG Communications, Inc.



Source link

No comments