The COVID-19 pandemic has posed a number of global challenges, affecting systems and key industries all over the world. Since the outbreak, DynaRisk's intelligence team has been tracking a number of sources including the Dark Web for new scams, threats and industries being targeted by cyber criminals. Here are some key takeaways so far...
Phishing has surged by over 60%
COVID-19 themed scams have increased significantly as the weeks have gone by. There have been thousands of Coronavirus-related domains registered globally since January, and we have identified over 2,500 malicious websites since March. Google has also reported an influx of phishing emails to its Gmail users, blocking over 18,000 virus related phishing emails every day. Read more about the coronavirus phishing techniques here.
Cyber criminals are agile
The scams currently in circulation vary in terms of sophistication, but one thing is clear - cyber criminals are trying out new ways to defraud victims 24/7. We have seen fake Outlook web apps designed to steal credentials for fraud, fake Coronavirus tracking apps that install malware, phishing emails impersonating government and official institutions and new iterations of ransomware being released.
If the pandemic has taught us anything, it’s that the forced downtime and increased sense of fear has given cyber criminals more opportunities to take advantage of both businesses and consumers.
Companies of all sizes need more robust cyber security measures
Due to the fast measures taken by authorities to stop the spread of the virus, companies were forced to change the way they operate in just days. With more employees working remotely, cyber hygiene - often at the bottom of the to-do list - should be a top priority. Security events such as data breaches and loss of data to ransomware are never truly anticipated or prepared for, however the risks increase with a remote workforce.
To help employees learn ways to manage their personal cyber security risks, protect the company’s digital assets and increase resilience against growing threats, we are offering our Ultimate plan free for 30 days. Simply select our Ultimate plan here, apply code WORKREMOTE when you sign up and get your personal cyber dashboard complete with your Cyber Security Score, tailored action plan and personal ID monitoring setup in minutes.
No app is 100% secure
The increase in our reliance on digital tools has also brought some security vulnerabilities to light. Video call apps including Zoom and Houseparty have been targeted by cyber criminals and a new trend called Zoom ‘bombing’ has surfaced in recent weeks. However Houseparty has denied accusations that it was hacked, offering a reward to anyone that can prove the app was compromised. Despite this, many users experienced account takeovers on other accounts after installing Houseparty.
To prevent similar experiences we recommend that you utilise the highest security settings for video call apps and services, and ensure that your accounts use unique, strong passwords.
Cyber criminals, like Coronavirus, do not discriminate
Regardless of the size, revenue and industry, cyber threats can affect any and all businesses. During this period, we have seen hackers targeting health and education services, as well as tourism. Unfortunately the universal attitude is one of indifference - many business owners don’t believe that cyber threats apply to them. However we have seen businesses of all shapes and sizes targeted over the past few weeks.
Get cyber threat intelligence LIVE
If you’re interested in keeping up to date with the latest cyber threats, join our upcoming webinar. In our bi-weekly threat briefing, we look at new scams in circulation, vulnerable industries, what is happening in hacking communities and provide examples of COVID-19 specific business and consumer threats.