Months ago, the Firewall warned that cybercriminals were taking advantage of the anxiety and insecurity from COVID-19 to promulgate phishing schemes, malware, and other schemes. Interpol recently released a report (click here to download PDF from Interpol) warning of these dangers and other cybercriminal activity that exploits the current COVID-19 environment. As the Firewall advised in April, Interpol’s report notes that cybercriminals are taking advantage of the increased security vulnerabilities arising from the sudden shift to remote work.
Interpol groups the recent COVID-related cybercriminal activity into five categories.
Online scams and phishing. Interpol warns that cybercriminals are deploying COVID-19 phishing emails to trick victims into providing their personal data, such as user credentials and passwords, or downloading malicious content. Specifically, Interpol warns of Business Email Compromise (BEC), whereby a threat actor can spoof supplier and client email addresses to send scam emails. Threat actors also impersonate government entities or global health authorities such as the World Health Organization. Typically, these phishing schemes will involve:
False government orders and financial support initiatives
Fake payment requests and money reimbursements
Offers of a phony COVID vaccine or medical supplies
Malicious COVID-19 tracking apps for mobile phones
Investments and stock offers
COVID-related charity and donation requests
Disruptive Malware (Ransomware and DDOS). Interpol reports that disruptive malware campaigns have shifted from individuals and small businesses to government agencies and the healthcare sector, where they can obtain greater ransoms. Threat groups that had been relatively dormant have revived themselves to launch ransomware—especially ransomware in the CERBER, NetWalker, and Ryuk families—or DDoS attacks. (Similarly, the FBI recently warned of Netwalker ransomware attacks on U.S. and foreign government organizations, education entities, private companies, and he ..
Support the originator by clicking the read the rest link below.
