Hackers Are Targeting Corona-Virus Pandemic, Block Using Free Antivirus Software
Just as you quickly look at your cell phone in a store on Black Friday, you discover an offer from Amazon that is too good to be true and is only valid for the next two hours.
As the tax return deadline is approaching, you will receive an
email from the tax authorities asking you to confirm some information
immediately, otherwise, your refund will be delayed.
Or, following the recent catastrophic hurricane, an email from
the Red Cross contains an urgent request for donations, allegedly to help those
who lack shelter, food or clothing.
These are all examples of event-based email attacks that take
advantage of current events such as holidays, sporting events, and natural
disasters to create compelling phishing baits. Outstanding or current
events have three important characteristics that make an email attack more
likely to succeed:
- An inherent sense of urgency: the vacation or sporting event is just around the corner, or the disaster has just happened. One way or another, it creates a sense of urgency that can be exploited to provoke immediate responses.
- Important legitimate email traffic: Various parties (e.g., corporations, government agencies, nonprofits, etc.) are sending important messages related to the event and users are eagerly awaiting those messages.
- Confused users: Due to changing conditions in their real-world or because they experience a lot of emotions (worry, fear, anxiety, stress, etc.), users are confused and more inclined to neglect their vigilance.
- Coronavirus phishing and scams, as in the previous example of event-based email attacks are on the rise.
The latest lure for event-based email attacks is the global
coronavirus pandemic - and it contains the features outlined above. Overall,
the world feels an incredible sense of urgency as the number of cases
skyrockets every day. Schools and most businesses are closed, so workers
prepare to work from home while balancing it with their children. These
closings and the first signs of an economic downturn are causing wild market
volatility and unprecedented action by governments around the world.
All of this has left us tired, distracted, confused, anxious,
fearful, and desperate and has left us looking for reliable information. While
government agencies, businesses, schools, and other organizations are sending
numerous legitimate emails about the coronavirus, hackers are taking advantage
of this location to launch a wide variety of email attacks, including spam,
fraud, phishing, spear-phishing, and malware.
Based on our global visibility into email traffic, Protegent was the first to spot the usual flood of spam that COVID-19 is exploiting to
peddle items like face masks. The following example is rather harmless,
albeit unsolicited. The display name has been changed to Coronavirus Mask,
but the message content highlights "Respirators against pollution and for
clean air".
We have also seen a wide variety of
email scams that are similar to spear-phishing in that they lack links
or malicious attachments. In the example below, someone pretending to be
an engineer for an offshore oil company offers the recipient an assistant job. Due
to the coronavirus, this is a job where work is carried out from home,
according to the email message.
Very quickly, however, we began to see
more sophisticated phishing campaigns pretending to be the World Health Organization (WHO), the Centres for Disease
Control (CDC) and the government agency (GOV.UK). The GOV.UK phishing
email on the left claims that the recipient is eligible for a £ 128 tax refund
in response to the coronavirus and leads them to a phishing page asking for the
funds can access. On the right is a WHO phishing page that asks the user
to verify their account information to download COVID-19 security
measures.
With
the US and other governments around the world approving stimulus plans, we
expected additional waves of attack, lured with government support checks and another economic stimulus. Also, given the sharp rise in
unemployment figures, we also expect an increase in fake job offers similar to
the above example.
Introduction of Event Tracking for Protegent Antivirus for Office 365
While operator solution providers and IT administrators
naturally have to deal with all kinds of threats, event-based e-mail attacks
pose a particular challenge: How do I protect my end users from the sudden flood of threats while ensuring that legitimate important ones are not
accidentally Communication is blocked? During this time of global crisis,
we at Protegent felt deeply responsible to contribute in our unique way to
effectively managing and containing the pandemic.
With that in mind, we've released a new event tracking feature
for Protegent for Office 365. The feature gives operator solution
providers and administrators better insight into all - both malicious and
legitimate - email traffic primarily linked to the coronavirus pandemic.
In the Email Logs section of the Protegent for Office 365
Admin Console, simply select the COVID-19 filter under Current Events to view
email traffic, including all that Protegent has detected Coronavirus-related
threats. If the filter missed something, you can use the Remediate
function to pull the message from one or more inboxes. Equally important
is that you keep an eye on legitimate COVID-19 communications and put them back
in users' inboxes in case messages are misclassified.
COVID-19
is the first use case for the Protegent for Office 365 Event Tracking
feature. More will be added over time in response to holidays and other
one-time events that trigger spikes in threats and overall email traffic. The
goal is to increase transparency and help operator solution providers build
customer trust in these important times.
Resources to help users identify coronavirus threats and keep
telecommunications safe.
In addition to this new feature, we've put together a collection of resources to
educate end-users on how to recognize email threats during the coronavirus
pandemic and how to work safely from home. The page contains infographics
about digital hygiene and information on how to identify phishing and spear
phishing attacks, but also links to free tools such as our free antivirus software.

No comments:
Post a Comment