Cybercriminals have taken advantage of virtually every facet of the coronavirus pandemic by targeting malware to other people who are curious or involved in the epidemic. We have noticed phishing emails and malicious content aimed at the initial spread of the virus, the resulting blocking, the transition to remote work, stimulus invoices and the effort back to work.
SEE: Fighting Phishing Attacks on Social Media: 10 (Free PDF) (TechRepublic)
But a particularly delicate domain discovered in many phishing emails has been the promise of a coronavirus vaccine. This topic naturally draws attention and enthusiasm, like many others, that the only way to regain a sense of normalcy will be by using a COVID-19 vaccine. A report released Tuesday through cyber risk data provider Check Point Research highlights some of those campaigns and provides tips on how to combat them.
In a phishing attack analyzed through Check Point, the emails promoted an object line of “URGENT INFORMATION LETTER: COVID-19 NEW APPROVED VACCINES”. The attached EXE record called “Download_Covid 19 New Vaccines Approved.23.07.2020.exe” promised main points about a vaccine. But clicking the registry installs an InfoStealer that attempts to obtain usernames, passwords, and other login information.
In some other phishing campaign, an email with the thematic line is sent: “The effort of the coronavirus vaccine in the UK is progressing badly, recruiting the consequences and the elderly.” The email includes a malicious link called “SurgicaltollArraycom /vy2g4b-.html”. This link is now inactive, but in the past redirected users to an online medical phishing page called “thelifestillgoeson.su” that sought to mimic a valid Canadian pharmacy.
Despite the prevalence of those phishing emails, the number of coronavirus-related cyberattacks has decreased in recent months. In July, there was a weekly average of 61,000 such attacks, 50% less than June’s 130,000 weekly outlook. However, although the virus remains a threat, cybercriminals are more than happy to take advantage of the latest trends.
“Lately, we see a transparent trend with hackers: deceiving the masses through their interest in coronavirus vaccines,” Check Point knowledge manager Omer Dembinsky said in a press release. “Most campaigns involve a person’s inbox, which is a concern. More than 80% of attacks on organizations start with malicious emails. Emails are the first link in a chain of attacks. Email attacks involving the human factor, workers’ emails, and inboxes are an organization’s weakest link.”
SEE: Cybersecurity: Let’s Be Tactical (FREE PDF) (TechRepublic)
For you and your organization of those types of phishing attacks, Check Point offers the following tips:
“Closing this security hole requires protections opposed to risk vectors: phishing, malware, knowledge theft and account control,” Dembinsky said. “I urge everyone to thoroughly read the thematic lines of the incoming emails. If you include the word “vaccine”, “think twice”.
Lance Whitney is an independent generation editor and teacher and former IT professional. He has written for Time, CNET, PCMag and several other publications. He is the one with two technical books, one on Windows and the other on LinkedIn.