The rapid worldwide spread of the Coronavirus, renamed COVID-19, has unfortunately also spurred new cyber threats from threat actors utilizing the panic for personal gain. Such cyberattacks are especially concerning as companies ask employees to work remotely. Given that people have a heightened interest in news regarding COVID-19, the door is open wide for social engineering, exploitation, and malicious activities.
Using worldwide COVID-19 panic, cyber threat actors have begun utilizing new methods to spread malware and scams to prey on a distracted public. Such methods include Coronavirus-themed phishing emails, booby-trapped URLs, and credential stuffing scams. In one example, hackers use a PDF of Coronavirus-related safety measures to spread Remcos RAT and malware payloads. In another, threat actors send official-looking Microsoft documents with macros that drop a backdoor onto a victim’s computer. And yet another phishing campaign allegedly from the Centers for Disease Control tempts recipients to click on a malicious URL. There has also been confirmation that the virus is being used to distribute the Emotet Trojan. Related: Portland Mental Health & Wellness Proactively Uses Paubox During COVID-19 Pandemic Recent reports further show a spike in new, Coronavirus-related domain names; most are used in phishing schemes while the rest try to sell cures or preventative products. There is no doubt that these malicious campaigns will continue and grow.
Training, even remotely, is even more important and must include information on spotting a phishing email, website, or even text—no blind clicking without due diligence. Keeping people cyber safe during times of crises is important for long-term security.