Check Point Detects 30% Increase in #COVID19 Attacks

Security experts are warning of a 30% spike in COVID-19-themed cyber-attacks over the past two weeks as hackers continue to spoof trusted brands and organizations.

Check Point revealed an average of 192,000 coronavirus-related cyber-attacks per week over the past fortnight — the vast majority of which were phishing emails.

Some, like a WHO-themed phishing email purporting to be an ‘urgent letter’ containing information on the first human vaccine test, contain password-stealing keylogging malware.

Others seen by the vendor are spoofed to appear as if sent by the WHO or UN and are extortion emails demanding Bitcoin payments.

Check Point also observed a surge in domain registrations as part of ongoing coronavirus-related phishing campaigns.

Nearly 37% of Zoom-related domains were registered in the past three weeks, it said. Of the 2449 detected, 1.5% were malicious and 13% categorized as suspicious. Similar lures include fake Microsoft Teams and Google Meets links/domains.

In total, Check Point claimed to have detected nearly 20,000 new COVID-19 registrations in the past three weeks, over a fifth (22%) of the total spotted so far since the beginning of the outbreak. Of this most recent batch, 2% are malicious and 15% suspicious.

The vendor urged users to beware of lookalike domains with spelling errors and unfamiliar senders, to not reuse passwords across accounts and to order goods only from authentic sources.

Intelligence from Google, Microsoft and the National Cyber Security Centre (NCSC) has maintained that, although COVID-19 threats are on the rise, the overall level of cybercrime is not.

Instead, it appears that cyber-criminals are repurposing other campaigns with COVID-19 themes in the hope of generating an improved success rate.

Google claimed last month to be blocking over 240 million COVID-19-themed spam messages each day, and 18 million malware and phishing emails.

What’s Hot on Infosecurity Magazine?