More than 80% of cyberthreats involve COVID-19


By Dylan Bushell-Embling
Wednesday, 01 April, 2020
More than 80% of cyberthreats involve COVID-19

Cybercriminals have wasted no time capitalising on the COVID-19 pandemic, with recent research from Proofpoint suggesting that over 80% of email-based threats are COVID-19 related.

The company's research team, which has been tracking malicious activity associated with the outbreak since late January, has to date uncovered over 500,000 messages, 300,000 malicious URLs and 200,000 malicious attachments with COVID-19 themes.

These attacks, spread out across more than 140 attack campaigns and counting, are global in scope and involve nearly every type of attack type, including business email compromise, credential phishing, malware and spam email campaigns.

Notable recent examples include a credential phishing campaign targeting retail companies in the US with a message claiming an unnamed staff member has been infected by the virus, as well as campaign targeting energy, construction and telecoms companies with a subject line indicating the target's neighbour has tested positive for the disease.

A more sophisticated attack is spoofing the real address of the head of the World Health Organization in an email claiming that a 'total control' method for COVID-19 has been discovered.

Another notable example is a credential phishing attack targeting Netherlands-based manufacturing, technology and industrial companies, which includes a message claiming that a major bank from the country is introducing a new 'antibacterial debit card' and inviting recipients to apply for this purported card.

These cases show that the focus of attackers is shifting as public concerns around COVID-19 also shift, Proofpoint said.

Early campaigns focused on concerns around the impact of COVID-19 on shipping and manufacturing. Current campaigns are focused on concerns around treatments and cures; as more employees are asked to work from home during the crisis, Proofpoint predicts that these themes will soon be incorporated into the social engineering attacks.

Image credit: ©stock.adobe.com/au/Parilov

Related News

Akamai launches zero trust platform

Akamai's new Guardicore platform combined Zero Trust Network Access with microsgmentation to...

Australian ransomware payments average at $9.27 million

Data from Sophos suggests that Australian businesses falling victim to a ransomware attack...

Veeam buys ransomware response company Coveware

Veeam has arranged to augment its cyber extortion incident response capabilities with the...

Content from other channels on our network

LAPP ÖLFLEX CLASSIC 110 control cables empower industrial connectivity

Delivering Dependable Fibre Optic Solutions for Challenging Environments through Enhanced Beam Cable Assemblies

Indonesia moves towards power grid resilience

Qld networks launch powerline safety campaign

Virtual power plants installed at regional schools

Extreme enclosure heli-lifted into an extreme environment

Cyber secured at critical network device level has never been more important

Cradlepoint 'Vehicle as a Node' is the Next Frontier for Emergency Services

Govt responds to post-incident review of Optus outage

UHF CB — you must be joking!

Central Highlands Water chooses Infor for ERP

The benefits and risks of AI usage in the public sector

Cobalt Iron earns patent on analytics-based dynamic authorisation control

Shoalhaven City Council uses AI to deliver safer roads to the community

Smart technologies: helping councils improve community services and sustainability

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd