Organised crime using COVID-19 for launching phishing attacks: KPMG

Organised crime gangs are exploiting the fear and uncertainty generated by the COVID-19 pandemic to target individuals and businesses.

Many existing organised crime groups have changed their tactics to use COVID-19-related materials on health updates, fake cures, fiscal packages, emergency benefits and supply shortages.

Global professional network KPMG said in a paper that, since mid-February, its member firms have seen the rapid build-out of infrastructure by cyber criminals to launch COVID-19-themed spear-phishing attacks. These are aimed at luring the targets to fake websites seeking to collect Office 365 credentials.

KPMG cited examples of such campaigns, including COVID-19-themed phishing emails with malicious Microsoft documents attached, which exploit a known Microsoft vulnerability to run malicious code. These documents contained health information and triggered the download of Emotet or Trickbot malware. The examples also include multiple phishing emails luring target users to fake copies of the website of the US’s Centre for Disease Control (CDC), which solicit user credentials and passwords.

Akhilesh Tuteja, Global Cyber Security Practice co-leader, and partner at KPMG India, said, “A selection of phony customer advisories purporting to provide customers with updates on service disruption due to COVID-19 led to a malware download. Phishing emails purporting to come from various government Ministries of Health or the WHO directing precautionary measures, again embedding malware.”

Tax-rebate phishing lures, which encourage recipients to browse to a fake website that collects financial and tax information from unsuspecting users, have also started occurring.

Mr. Tuteja further said, “A firm must provide remote workers with clear guidance on how to use remote working solutions including how to make sure they remain secure and tips on the identification of phishing while calling to ensure that all provided laptops have up to date antivirus and firewall software.”

KPMG recommends that the response to these attacks include steps to reduce the risk to an organization and its employees, particularly as companies shift to remote working. It also suggests raising awareness among team members by warning them of the heightened risk of COVID-19-themed phishing attacks.

KPMG further advises running a helpline or online chat line that employees can easily access for advice or to report any security concerns, including potential phishing. It advises encrypting data at rest on laptops used for remote working, given the risk of theft. It also recommends disabling USB drives to avoid the risk of malware, and offering employees an alternate way of transferring data, such as a collaboration tool.

Printable version | Aug 13, 2020 5:10:19 PM | https://www.thehindu.com/sci-tech/technology/organised-crime-using-covid-19-for-launching-phishing-attacks-kpmg/article31338778.ece