TALKING
business
‘‘
Organisations are already facing
business challenges in the wake of
the Coronavirus pandemic, and a
rapid rise in COVID-19 related cyberattacks
is causing additional stress.
A new report from the Mimecast Threat
Intelligence Centre, entitled 100 Days of
Coronavirus, tracks cybercrime activity since
the start of the outbreak. It found that
between January and March 2020, global
monthly volumes of spam and opportunistic
cybercrime detections increased by 26.3%,
impersonation fraud detections increased
by 30.3%, malware detections increased
by 35.16% and the blocking of URL clicks
increased by 55.8%. In addition, over
115,000 COVID-19 related spoof domains,
designed to steal personal information, were
detected over the three-month period.
Focusing on the Middle East and North
Africa (MENA) region, the Threat
Intelligence team saw notable increases in
malware (22%) and spam (36%) during
February and March, when the virus started
spreading. Shockingly, there was a 751%
increase in unsafe clicks during the first
three months of the year – likely as a result
of a rise in human error caused by stress,
unusual working environments and our
desire to stay informed.
Cybercriminals feed on people’s fears
Phishing scams often tap into whatever
is currently making headlines. Thankfully
employees’ awareness of cybersecurity
continues to grow, but criminals are making
the most of the current situation by feeding
on people’s fears and anxiety. In short,
people just aren’t thinking straight.
We’re also getting used to receiving emails
from employers, authorities and just about
every brand we’ve ever interacted with,
about their response to COVID-19. Bad
actors know this and are impersonating
these organisations with the aim of getting
concerned citizens to click on malicious links.
Between March 9 and 20, we saw a 234%
increase in daily registrations of new
Coronavirus-related web domains and
subdomains at more than 6,100 a day.
While some of these 60,000+ sites were
legitimate, the majority weren’t. Links were
used to capture credentials, allowing bad
Werno Gevers, Cybersecurity Specialist
at Mimecast
“
LINKS WERE USED
TO CAPTURE
CREDENTIALS,
ALLOWING
BAD ACTORS
TO ACCESS
NETWORKS OR TO
DIRECTLY INFECT
THEM WITH
MALWARE.
actors to access networks or to directly infect
them with malware.
Evolving threats
As the pandemic and the response to it has
evolved, so have cybercriminals’ strategies
and attacks. The scams change to match
what people are talking about. Many of
the first phishing attacks impersonated
specialists from Wuhan, China. Criminals
then masqueraded as regional authorities
and later, businesses communicating with
their employees.
www.intelligentcio.com
INTELLIGENTCIO
37