Why COVID19 is helping cyber criminals.

Your business can’t afford to ignore these COVID-19 cyber security threats. 

It’s no secret that the COVID-19 pandemic has claimed hundreds of thousands of lives around the globe, and challenged economic progress. Unfortunately, even at a time when many people are unemployed with limited or no savings, phishing scams related to COVID-19 are on the rise.

These scams have become more targeted and sophisticated as scammers move beyond previous themes to pandemic-relevant ones – unemployment and welfare benefits, stimulus packages, etc.

Millions of people across the country worry whether they will be able to find new jobs, retain current ones, receive benefits on time, and question if businesses will ever recover. Surviving the pandemic becomes harder every day.

National lockdowns causing people to stay home have resulted in people using the Internet more than ever before. From keeping in touch with family, working from home, searching for new information, or learning new skills. More people on the internet have not gone unnoticed by scammers. And they are taking advantage of people’s fears or curiosities to gain trust and steal privacy and/or money.

25% of COVID-related domains are suspicious or malicious.

A recent study revealed scammers taking advantage of the COVID-19 pandemic to produce new phishing scams. They’re evolving with new techniques to increase operational success.

At the start, phishing campaigns were constructed around the scarcity of masks, pandemic information, or testing kit availability. Now, many of the newer emerging cyber threats are based on questions or concerns about welfare or unemployment benefits, or stimulus packages and check statuses.

It may be tempting to look at overall trends and determine phishing activities related to COVID-19 have decreased. However, the statistics show the opposite. Researchers have identified over 1,200 domains related to COVID-19 being registered every day. And 25% of them deemed suspicious or malicious. Of 600,000 sampled domains related to COVID-19, researchers identified over 125,000 malicious websites. Most of them being used for phishing scams. The campaigns target people concerned about losing jobs, if children will return to school, and other legitimate concerns. Similar to the “second wave” of COVID-19, these questions and concerns will fuel the second peak of suspicious activity.

“This is the next battlefront in the digital pandemic,” said Sean McGrath, cyber security expert.

Unfortunately, a majority of the public is unprepared. A recent study found that only 5% of the British public are able to detect and differentiate between phishing scam emails and genuine emails. As a result, it’s a near guarantee that phishing scams taking advantage of pandemic-related concerns are likely to succeed.

What can Internet users do to combat COVID-19 phishing scams?

Internet users need to maintain a level of suspicion and stop believing incoming messages and emails at face value.  Any message or email with a tone of urgency, and asking for personal information from its recipient, must be treated with a high level of caution.

Internet users should also be suspicious of shortened website URLs as well. If a site has the “safe” padlock symbol or uses SSL encryption (https) you should still double-check the URL before it’s clicked. 

Back in May the NCSC reported the British public had flagged over 160,000 emails in the first two weeks. And many of them offered limited supplies such as face masks or COVID-19 testing kids. Due to the active reporting on the part of Internet users, the government’s cyber-security team was able to trace and remove over 300 websites found to be bogus. An exceptional response due to the vigilant British public.

If you would like to secure your workforce’s internet browsing habits against these cyber security threats then speak to us today.