Phishing in lake COVID-19
COVID-19 sent our world into panic mode, with countries going into lockdown and the normal way of doing things no longer being possible. Economies remain under immense pressure, and travel is still restricted. Gatherings are limited. Shopping is only done when absolutely necessary. And, we all have new accessories that we need to have when going out in public: face masks and hand sanitiser.
Amidst all the panic and change, cybercriminals saw the opportunity to launch a flurry of cyber-attacks – attempting to access personal, confidential, and personal information.
During the first quarter of 2020, Interpol reports that there was a definite spike in COVID-19 related incidents. Over 900 000 spam messages were sent, more than 700 malware incidents were reported, and about 48 000 malicious URLs were detected.
Knowing that many entities have moved online, with individuals needing to stay constantly connected for work, study, and COVID-19 updates, cybercriminals knew there would be endless opportunities for cyber-attacks.
Some went the easy route, impersonating government departments and health institutions and emailing unsuspecting individuals’ information. These included sending the latest “COVID-19 statistics for their area”, or access to online resources where they would need to provide personal information.
April saw a sudden increase in ransomware attacks targeting healthcare and critical infrastructure institutions. High impact and high rewards proved to be the name of the game.
The spread of misinformation and fake news also rose significantly, making it difficult to separate fact from fiction. Incidents included emails containing hidden malware, the illegal trade of medication, and deals sent via SMS offering shopping discounts, free meals, and other benefits. The most common cases were those where criminals accessed corporate data, trying to get customer and employee data.
Here are just some of the many attacks that took place: