Coronavirus: Hackers Are Now Launching Dozens Of Email Scams Each Day
Hackers and crooks, from amateurs to professional organised criminals, are using the COVID-19 coronavirus outbreak as an opportunity to advance their plans at a time when many of their targets are distracted, worried and working from home.
Coronavirus-themed attacks now predominate: according to security company Proofpoint, four out of five scam emails are using coronavirus themes in some way.
Those emails include business email compromise scams, phishing, malware, and spam email campaigns. At the end of last week, Proofpoint said it had seen over 500,000 messages, 300,000 malicious URLs, 200,000 malicious attachments with coronavirus themes across more than 140 campaigns, with numbers continuing to increase. Proofpoint said there had been a "significant amount" of credential phishing -- attempts to steal passwords and log-in details -- in these attacks, with groups ranging from unknown wannabees to prominent organised crime groups like those behind Emotet.
"Cyber criminals, proving beyond doubt they are completely devoid of morals, have ramped up their activities, unashamedly using all manner of coronavirus lures to trick people. We are now seeing dozens of different email campaigns per day," said security company Trustwave, which has provided a series of examples of the types of scams under way.
SEE: Working from home: Success tips for telecommuters (free PDF)
Some of these are pretty basic, like fake fundraising schemes that try to persuade you to donate bitcoin to their phoney fund. "At the time of writing, this bitcoin wallet did not have any transactions against it, so hopefully, the campaign was a fail for the bad guys," Trustwave said.
Others are more sophisticated, with a number posing as messages from the World Health Organisation to trick recipients into opening the attachment. In one example, opening the attachment would trigger the launch of Hawkeye, a keylogger and information stealer. Another email, which claims to come from the manufacturer of face masks with excess supplies to sell on, also contains an executable, this time launching Agent Tesla, a common and readily available keylogging and info-stealing remote access trojan. Data it attempts to steal includes details of the PC's operating system, processor and user name, plus user names and passwords from browsers.
Another headache is that millions of staff working from home are potentially at greater risk. Some may be using an unfamiliar PC to log on -- or even their own home device, which may be less secure than the one they use in the office. Others may be distracted by their own worries and less likely to spot a bogus email when it appears.
The UK's Financial Conduct Authority (FCA) is the latest to warn about the risk of coronavirus-themed scams, warning savers to beware of bogus investment advice. "Fraudsters will exploit the coronavirus to prey on anxiety and fear of savers and investors, especially those who may be vulnerable," the FCA warns.
Both the UK's cybersecurity agency and its European counterpart have published guidance on how to work from home securely.
Reassessing AI Investments: What The Correction In US Megacap Tech Stocks Signals
The recent correction in US megacap tech stocks, including giants like Nvidia, Tesla, Meta, and Alphabet, has sent rippl... Read more
AI Hype Meets Reality: Assessing The Impact Of Stock Declines On Future Tech Investments
Recent declines in the stock prices of major tech companies such as Nvidia, Tesla, Meta, and Alphabet have highlighted a... Read more
Technology Sector Fuels U.S. Economic Growth In Q2
The technology sector played a pivotal role in accelerating America's economic growth in the second quarter of 2024.The ... Read more
Tech Start-Ups Advised To Guard Against Foreign Investment Risks
The US National Counterintelligence and Security Center (NCSC) has advised American tech start-ups to be wary of foreign... Read more
Global IT Outage Threatens To Cost Insurers Billions
Largest disruption since 2017’s NotPetya malware attack highlights vulnerabilities.A recent global IT outage has cause... Read more
Global IT Outage Disrupts Airlines, Financial Services, And Media Groups
On Friday morning, a major IT outage caused widespread disruption across various sectors, including airlines, financial ... Read more