Subscribe
About
  • Home
  • /
  • Malware
  • /
  • Three ways coronavirus is impacting cyber crime

Three ways coronavirus is impacting cyber crime

Sophisticated cyber criminals are taking full advantage of the prevailing fear, uncertainty and doubt around the pandemic to gain financially.
Sandro Bucchianeri
By Sandro Bucchianeri, Absa group chief security officer
Johannesburg, 04 May 2020

Sadly, it’s not only the virus that’s spreading − the pandemic is providing ample opportunity for cyber criminals to accelerate their efforts.

The increase in COVID-19-related domains since January is, in itself, testament to possible increased criminal activity. This, coupled with growing uncertainty and widespread panic, creates the perfect environment for criminals to exploit vulnerable targets.

Here are some of the current trends as well as possible measures to address the latest tactics.

Escalating phishing scams

The South African Banking Risk Information Centre recently warned customers about a significant increase in phishing scams. Citizens are being manipulated into clicking on malicious links via e-mails and SMSes offering COVID-19 info, non-existent vaccines, hand sanitisers and masks, and then being persuaded to hand over personal data.

Of course, this culminates in identity theft, and bank accounts being accessed and compromised. These e-mails also often contain documents, embedded with malware that can access files, monitor user keystrokes and worse yet, encrypt your entire hard drive.

Criminals are also successfully managing to spoof the Web site domains of credible institutions such as the World Health Organisation or government departments, convincing recipients of the authenticity of the e-mail's COVID-19-related content.

Bottom line, if there is a sense of urgency or a “too good to be true offer”, it is probably a hacking attempt. Take the time to authenticate senders and Web sites, don’t click on any suspicious links and immediately delete any e-mails or text messages that seem unusual.

Fake apps

One of the most prolific, malicious apps doing the rounds is claiming to provide real-time coronavirus info, including statistics and heat maps. However, unbeknown to the user, the app contains sophisticated malware now dubbed as “CovidLock”.

This encompasses a screen lock attack, where users are denied access to their phones through the prompting of a password change. Once hackers have full control, victims are requested to pay $100 in Bitcoin, within 48 hours, to obtain a decryption code to unlock their phones.

With the increase in remote video meetings taking place, hackers are certainly getting creative.

If they don’t comply, they are threatened with having their photos, contacts and data deleted or having their social media accounts exposed.

The best way to avoid this, is to not trust apps from unknown third parties; rather download vetted applications from official platforms such as Google Play or Apple Store.

Capitalising on remote workers

During this period, non-essential workers who are able to, have had to resort to remote working − our reliance on technology has never been greater. This dependency naturally provides ample opportunity for cyber criminals to benefit.

A number of employees have received mails (seemingly from employers) providing false links to cloud repositories or company e-mail platforms, where hackers can easily obtain login credentials and access confidential business information.

Criminals are also creating fake company purchase orders and invoices for sanitisers or other supplies, conning employees into transferring money to fraudulent accounts.

What’s more, with so many employees accessing (often unsecured) virtual private networks from home, company servers are also more susceptible to crypto malware. Here, hackers encrypt servers, demanding Bitcoin in exchange for access.

It also stands to reason that, with the increase in remote video meetings taking place, hackers are certainly getting creative.

“Zoombombing” is occurring more and more, with hackers “gate-crashing” Zoom meetings, taking control of screens and showcasing pornographic or violent images. Not only are government departments and businesses vulnerable to these specific tactics, they also run the risk of having confidential information fall into the wrong hands.

Make sure you don't share meeting links, PINs, or screenshots (with anyone outside of those attending the meeting) and definitely not on social media; always ensure a strong password is required to join; set up waiting rooms in order to control attendance; and ensure only hosts are able to share their screens.

These vulnerabilities also speak to the need for companies to develop appropriate security measures and protocols for remote working.

Ultimately, cyber criminals are taking full advantage of the prevailing fear, uncertainty and doubt. Unfortunately, we are not just fighting a devastating global virus impacting the lives of billions, but we are also fighting sophisticated individuals intent on gaining financially.

Second guess everything you receive around COVID-19 and consult official channels for up-to-date and accurate information. 

Share