As people continue to adapt to the “new normal”, cybercriminals are still seeking to capitalise on the opportunities created by new working environments.
Furthermore, with the continuation of nationwide lockdowns and the health risks from COVID-19, organisations are feeling the pressure to deliver ongoing training. Many are opting to provide online training for staff through webinars, to educate them about new protocols and practices that minimise coronavirus transmission and ensure employee safety. Many threat actors have sought to take advantage of these continuing pressures, by luring victims in with promises of free tests or miracle cures, or by attacking organisations that have switched to remote working practices.
These cybercriminals have become experts in adapting to the changing situation with new tactics. Current tactics include:
- pretending to provide COVID-19 training
- COVID-19 vaccination appointments
- popular culture campaigns like Black Lives Matter
Cybercriminals – different tactics
A blog by software company Check Point highlights the dangers of phishing campaigns that exploit the COVID-19 pandemic. Their researchers found a campaign that invited recipients to register via a link, which took victims to a malicious website that then asked them to provide their Office 365 login credentials. Once the website was found, it was promptly shut down. However, future campaigns will no doubt try a similar approach.
Next, they found a campaign based on the Trickbot malware that sought to leverage people’s opinions about the Black Lives Matter movement. The campaign invited people to express their opinions about the movement anonymously. Victims were asked to “Enable editing” and “Enable content” in order to allow Office 365 updates to install. In fact, by doing so the victims disabled the security protections in Office 365 and allowed the malware to install itself.
Finally, they observed cybercriminals taking advantage of the economic fallout from the COVID-19 crisis. With many people having lost their jobs, cybercriminals have seized the opportunity to inundate HR departments with malicious CVs, in the hope that overloaded staff may become less cautious than usual and open a malicious attachment. In fact, the number of malicious files identified doubled between March and April 2020, with one out of every 450 malicious files being a CV-related scam.
Yet again, cybercriminals have proven how quickly they can adapt their tactics to a rapidly changing situation. Such campaigns may be more likely to succeed when they offer something that appears relevant to their targets’ lives. To avoid these threats, education is key. As part of our IT support and services, we offer cyber security training. Once equipped with the necessary skills, your staff will know how to spot suspicious emails and avoid taking actions that may compromise your organisation’s networks and data.