Coronavirus – Cybercriminals Strike in Times of Fear

Eli Dominitz
March 18, 2020
Read Time: min

For cybercriminals, vulnerability and anxiety present opportunity. As the coronavirus (COVID-19) continues to spread around the world, cybercriminals are taking advantage of the widespread fear.

Spike in social engineering and phising campaigns around COVID-19

Over the last several weeks, there has been an increasing wave of social engineering and phishing campaigns targeting countries in North America and Europe. For example, cybercriminals have launched websites to mimic the following healthcare authorities:

  • Centers for Disease Control and Prevention (CDC) in the USA.
  • Ministero della Salute in Italy.
  • Health Canada.

Such look-alike websites contain malicious payloads. Visitors to these websites may unknowingly download malware on their desktop or mobile devices. To generate traffic to these websites, the cybercriminals launch targeted email phishing campaigns that manipulate people into clicking a link. The emails contain subject lines such as “Update - Coronavirus confirmed” or “Important Coronavirus Update”, playing into people’s elevated level of concern.

 

Real-time coronavirus heat map is a popular phishing tool

A sign of the growing popularity of coronavirus-themed attacks is the emergence of targeted phishing kits on the Dark Web. On several Dark Web marketplaces, hackers are offering for sale default phishing kits that bundle the interactive real-time Coronavirus map from the World Health Organization with a malicious file that functions as a pre-loader (.jar file) for additional malware modules. The following image is of one such Dark Web vendor offering a Coronavirus map phishing kit for $200.

Stay ahead of threats on the dark web.
learn more

This particular cybercriminal shares a YouTube video that demonstrates the features and functionality of the phishing kit, claiming that his phishing method is able to bypass Gmail filters provided that Java is installed on the victim’s device.

 

 

 

 

Recommendations to stay protected

To prevent your employees and other stakeholders from falling victims to the growing wave of Coronavirus-related cyberattacks, consider taking the following steps:

  1. Educate your employees and other stakeholders about Coronavirus-related social engineering and phishing attacks.
  2. Share approved websites or applications for Coronavirus-related information, and encourage the exclusive use of these resources.
  3. Implement email-filtering rules to carefully review emails containing Coronavirus-related content.
About the Author

Eli Dominitz

Eli Dominitz is the Founder & CEO of Q6 Cyber, an e-crime intelligence company based in the USA and Israel. Through a combination of proprietary technology and human analysts, Q6 monitors the “Digital Underground" (DarkWeb, DeepWeb, malware networks and infrastructure) to collect targeted and actionable e-crime intelligence used to proactively eliminate fraud, data breaches, and other electronic crimes.

Full Bio

About Abrigo

Abrigo is a leading technology provider of compliance, credit risk, and lending solutions that community financial institutions use to manage risk and drive growth. Our software automates key processes — from anti-money laundering to fraud detection to lending solutions — empowering our customers by addressing their Enterprise Risk Management needs.

Make Big Things Happen.

 

Looking for Banker’s Toolbox? You are in the Right Place!

Banker’s Toolbox is now Abrigo, giving you a single source for all your enterprise risk management needs. Use the login button here, or the link in the top navigation, to log in to Banker’s Toolbox Community Online.

Make yourself at home!