9,580.3090.2
Stock Analysis, IPO, Mutual Funds, Bonds & More

Fraud schemes, phishing mails & bogus charity links: Hackers continue with Covid-related security attacks

Some hackers have called for dialing back their criminal efforts.

AFP|
Last Updated: Apr 03, 2020, 06.07 PM IST
0Comments
iStock
Despite some hackers agreeing to a 'ceasefire' some have gone ahead and continued their criminal activities.
Despite some hackers agreeing to a 'ceasefire' some have gone ahead and continued their criminal activities.
WASHINGTON: Internet users have seen a surge in Covid-related cyberattacks and fraud schemes which could add to the misery of the pandemic, even as some hackers have called for dialing back their criminal efforts.

A deluge of attacks has included phishing emails purported to be from health agencies, counterfeit product offers and bogus charity donation requests, according to security analysts.

Over the past month, at least 100,000 new web domain names were registered containing terms like covid, corona, and virus, many of which are considered "malicious," according to a report prepared for the global internet registry agency ICANN.

"The pandemic has led to an explosion of cybercrime, preying upon a population desperate for safety and reassurance," said the report released this week by Interisle Consulting Group.

The number of "spoofed" websites used for phishing to steal people's private credentials rose by 350 percent since January to more than 500,000, according to Atlas VPN, which provides secure connection services.

These schemes could lead to unprecedented amounts of theft, identity hijacking and ransomware to extract money from vulnerable organizations, some analysts fear.

In just the past few weeks, US consumers have lost nearly $5 million to coronavirus-themed scams, according to the Federal Trade Commission.

The potential for fraud could rise further, notably as a result of the $2 trillion economic relief package approved by Congress this month, according to an FTC warning to watch for stimulus-related fraud schemes.

Because of the global nature of the pandemic, hackers are taking advantage of all the attention being paid to the health crisis to lure people into opening malicious emails and links.

The security firm Proofpoint said this week it is seeing a wave of email scams themed around stimulus payments, Australian government "coronavirus tax relief" or even a fictitious "relief offer" from the World Health Organization and the International Monetary Fund.

"More than 80 percent of all the attacks Proofpoint now intercepts have something to do with the pandemic, a level that is unprecedented," the company said.

"These attacks appear to be working, and now they are leveraging news of the stimulus package to ensnare more victims."
iStock
A deluge of attacks has included phishing emails purported to be from health agencies, counterfeit product offers and bogus charity donation requests, according to security analysts.
A deluge of attacks has included phishing emails purported to be from health agencies, counterfeit product offers and bogus charity donation requests, according to security analysts.

But even with the unprecedented opportunity, some hackers are considering pulling back on their attacks on people during the crisis, according to researchers who monitor "dark web" forums.

"There seems to be an even split. I wasn't expecting so many people expressing concern," said Alex Guirakhoo, a threat researcher with the security firm Digital Shadows who monitors hacker forums globally.

"There are some people (in hacker forums) saying 'I'm really concerned for my family,' or 'I can't see my girlfriend.' This is a situation affecting everyone."

After some reports indicated hospitals had been hit by ransomware, some hacker groups pledged to avoid hitting health care organizations, according to researchers.

One hacker group known as Maze promised to halt attacks on hospitals and provide encryption keys to ones that have been hit, according to Filip Truta of the security firm BitDefender.

"Perhaps they want to avoid provoking the white-hot rage of an already wounded public," Truta said in a blog post. "Or, just possibly, some black hats do have a smidgen of ethics. At least in grim times like these."

The security firm Emsisoft, which specializes in ransomware, made an unusual plea to hackers last month to spare health care firms.

"We also know you are humans, and that your own family and loved ones may find themselves in need of urgent medical care," the group said in a blog post.

"We ask for your empathy and cooperation. Please do not target healthcare providers during the coming months and, if you target one unintentionally, please provide them with the decryption key at no cost."

But Emsisoft spokesman Brett Callow said the plea may not be working.

"Any claims that these ransomware groups make should be taken with a grain of salt," Callow told AFP, noting that ransomware attacks are continuing against health organizations.

"These groups have attacked hospitals in the past. They have put lives at risk and it would be a mistake to assume they wouldn't do so again."

Password Manager, Authentic Apps & Webcam Cover: 9 Steps To Ensure Data Security Every Day

of 10
Next
Prev
Play Slideshow

Secure Your Digital Life

8 Feb, 2020
2019 was the year of serious data breaches. Each made headlines that jolted users into reality and the importance of protecting personal data. A recent survey indicates that 52 per cent of users polled believe they need to strengthen their data policies, 45 per cent expect advertising and marketing regulation to become 'more strict', while 88 per cent agree, or strongly agree, that digital privacy will become increasingly important this year.While, January 28 is observed as the Data Privacy Day in India, the US, Canada and 47 European countries each day, Sunil Sharma, managing director sales, India & SAARC, Sophos advises you to treat every day as Data Privacy Day and apply these simple tips to secure your data.
Next
Comments
Add Your Comments
Commenting feature is disabled in your country/region.

Popular Categories


Other useful Links


Copyright © 2020 Bennett, Coleman & Co. Ltd. All rights reserved. For reprint rights: Times Syndication Service