It turns out that hackers are jumping on the novel coronavirus (NCOV-19) scare to launch attacks and spread malware.
Several cybersecurity companies report an increase in the hacking attacks against a range of targets, to compromise computers and networks. According to FireEye, a cybersecurity company based in Milpitas, California, spearphishing increased from a number of hackers in China, North Korea, and Russia.
The senior manager at the company said all campaigns about NCOV-19 are used as a lure to compromise victim’s computers. If a person accessed the said campaigns, malware can be transmitted, gathering all data from the computer.
A security firm, Recorded Future also observed an uptick in the number of hackers using the outbreak to spread computer malware. These types of malware target the United States, Europe, and Iran, where new NCOV-19 strain emerged outside China. According to security specialists, the campaigns imitate the ones from trusted organizations like the World Health Organization and Centers for Disease Control and Prevention.
Last month, Check Point security firm also found several coronavirus-themed information campaigns that attract people from opening links from emails and social media platforms. Aside from personal computers of ordinary people, hackers are also stepping up their game to lure businesses in email compromise attacks.
Agari email security company said there has been evidence that showed the first case of the coronavirus-themed phishing email to trick businesses of turning over money. The security firm said these emails are used to deliver spam, and then steal credentials of email accounts. A threat group called Ancient Tortoise is making use of spoofed emails to trick businesses into settling outstanding balance but to a different bank.
The hackers use the phrase, ‘due to the coronavirus outbreak’ to lure people in accessing the links containing malware. For security companies, as long as there is a virus outbreak, more hackers will jump onto the situation to get valuable information from people, including bank details and other personal information.
“Do not respond to any electronic communication in relation to monies via email. And certainly do not click any links in any related message. This is not how HMRC would advise you of a potential tax refund,” reminded security analysts at Mimecast.
Several banks also issued warning on the impact of a pandemic, as more firms would be at risk due to the mass employee absences starting March 2020.