Delhi: Col. Inderjeet Singh, Cyber Security Expert, Director General, Cyber Security Association of India is talking about the email phishing attacks with subjects related to COVID-19. These attacks remained prevalent since Mar 2020, accounting for approximately 56% of all the email subject lines analyzed.
Group of cybercriminals launched a sophisticated phishing campaign in mid-March on one of the largest hospitals and COVID-19 testing facilities in the Czech Republic which was hit by an attack and forced to cancel operations and relocate patients to other hospitals.
Also Read: New BlackRock Android malware can steal User Data from 337 Apps
Cyber criminal’s launched a phishing campaign earlier in March targeting the World Health Organization (WHO). Experts believe the attack was orchestrated by a sophisticated nation-state group with the goal of harvesting credentials used by WHO employees to access critical systems and applications. In addition, there have been spikes in financially motivated attacks that seemed to peak as the COVID-19 spread across the world.
Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. Phishing is a form of social engineering. These phishing attacks are becoming more aggressive, focused, and more targeted as this pandemic continues. Everyone would have to remain very skeptical of any email related to COVID-19 coming into their inbox.
Cybercriminals are preying and taking advantage of people’s heightened vulnerability during these difficult times and using this to steal an individual’s personal information and financial data. Also, COVID pandemic drives traffic to streaming sites, cybercriminals have begun to lure unsuspecting users to phishing (similar looking) streaming sites such as Netflix, Apple TV Plus, and Amazon Prime Video.
Also Read: phishing-campaign-20-lakh-indians-in-north-korean-hacker-groups-crosshairs/na20200620191434689
In addition, video and chat apps – like Microsoft Teams, WebEx, Zoom, and Google Meet – have become the new face of the organization during this time of remote work. Attackers have added these cloud-based applications as potential targets to their phish list, using the same general techniques they’ve used with email since forever.
During this time, attackers extended their sights to new sectors – research and development and biotechnology companies working fast to find a Coronavirus vaccine. As more organizations progress their vaccine research, cybercriminals with varying motives have increased attacks. Few points to protect yourself from these attacks:
Col. Inderjeet Singh strongly says "Being aware of the risks means that you are less likely to be impacted by these phishing scams. Cyber awareness and data security go hand in hand, so it is important that you know how to spot phishing emails and how to respond when you are faced with one."
Also Read: Threat Group APT29 targets COVID-19 Vaccine Development
(ETV Bharat)