Coronavirus has become a new tool for hacking attacks on end users and businesses, according to Check Point, a provider of cybersecurity solutions. Since January 2020, more than 4,000 domains associated with coronavirus have been registered in the world. Of these sites, 3% are already recognized as malicious, and another 5% are suspicious.
This makes for over 300 malicious or suspicious websites that are potential hacking hot spots associated with the novel coronavirus.
According to experts, attackers also send spam emails with a link to a malicious site on behalf of what appear to be trusted organizations. In the case of coronavirus, it may be recommendations from health organizations or data on the spread of the virus that may be of interest to the recipient. When a link is clicked, malware is automatically installed on the user’s device.
Another variation is the standard phishing website which looks to garner personal information including usernames and passwords to sites that users are already registered to, or even prompts the user to enter their personal details on the bogus website.
The head of the Check Point Software Technologies representative office said that the human factor is still the most vulnerable security place, and social engineering methods are of particular interest to hackers due to the overall effectiveness of it.
The company’s specialists found fake emails on behalf of the World Health Organization of Italy. Experts noted that 10% of organizations in Italy were subjected to this attack.
The emails usually suggest that you familiarize yourself with the document prepared by the department, which describes all the necessary precautions against coronavirus. The document in the attachment is, of course, malicious and contains malware that gives hackers access to the user’s computer.
Check Point expert added that hackers often use the agenda to send phishing emails, and use both negative and positive events to attract users. For example, in November a few weeks before Black Friday, researchers discovered a significant increase in fake domains that mimic official online stores.
Spammers continue to use the coronavirus
In addition, a major spam campaign was recorded in Japan. There, cyber criminals send spam on behalf of the Japanese organization to help people with disabilities. Emails report the spread of coronavirus in several cities in Japan, prompting the recipient to open the document. If the user becomes interested and opens the attachment, the Emotet Trojan will be downloaded to his computer.
As the spread of the coronavirus continues, attackers will continue to use the coronavirus theme to conduct attacks on users and businesses. Cybersecurity experts recommend not succumbing to the first impulse when receiving such messages – do not open attachments and follow links in suspicious letters. Experts recommend being wary if there are a lot of spelling errors in the letter or on the websites – this is one of the signs of potential suspicious activity.
Recently, the European Central Bank called on financial institutions to prepare for a possible sharp increase in the number of cyber attacks as part of the consequences of the coronavirus epidemic. The regulator advised testing the capabilities of their technology systems “in the light of the potential increase in the number of cyber attacks and the potential higher dependence on remote banking services.”
The ECB is concerned that criminals might try to take advantage of the chaos caused by the virus. The outbreak prompted companies to ask employees to work at home or distribute them to different offices, while more customers could choose online banking instead of going to branches. Despite the fact that in recent years, banks have improved protection against hackers, the ECB has called cyber crime and technological gaps one of the main risks for the industry this year.