COVID-19 and cyber risk: Recent threats and scams
With many parts of the world still facing restrictions to prevent the spread of COVID-19, remote working is the new normal for lots of businesses and individuals. Unsurprisingly, cyber criminals are taking advantage of the current situation and an increased number of vulnerable targets.
Below are some of the common attacks we have seen recently.
COVID-19 themed phishing attacks have been on the increase with all sorts of campaigns ranging from government relief to health information supposedly from the World Health Organisation (WHO).
Website scam (impersonating UK gov.uk domain)
SMS phish purporting to be from GOV.UK
1. Cyber criminals are preying on people’s fears and vulnerable state by developing apps that appear to provide essential and timely information, such as where to buy N95 face masks or how to track recorded cases in real-time.
Fake Covid-19 tracker app providing users with tracking and statistical information about Covid-19 and heatmap visuals
2. Hackers are also creating counterfeit versions (with malicious code) of legitimate COVID-19 apps. Softmining, an Italian software company that created a tracker app for COVID-19, reported that attackers had developed similar apps with the original app’s functionality but with malicious code designed to steal user data.
Softmining notice on their website
3. Scammers have launched a website containing a digital antivirus – corona antivirus – that promises to protect its users against the actual COVID-19 virus. This malicious software posing as an antivirus, once downloaded, turns the device into a bot. A bot is a zombie computer awaiting commands from a command-and-control server operated by a malicious actor.
Malicious Corona Antivirus website
What can business or individuals do to protect themselves from the above scams?
- We urge businesses to alert their employees on potential incoming phishing emails. Employees should be trained to spot and manage phishing emails. Hiscox currently offers the Hiscox CyberClear Academy, a free cyber awareness training platform, to all of its cyber insurance customers. The platform also contains helpful modules such as Bring Your Own Device (BYOD) and Remote and Mobile Working.
- Anti-malware software, IDS/IPS (Intrusion Detection/Prevention Software) etc. should be up-to-date.
- Use only applications recommended/vetted by the business on work devices. On personal devices, users should download apps recommended by relevant bodies such as the WHO or the government and this should be from their official websites. Many of these malicious apps can be found in Android stores.
- Enable Multi-factor Authentication (MFA) on user accounts, especially administrator accounts.
Follow the suggestions above, keep communications going with employees and stay on the lookout for potential cyber threats.