The rapid worldwide spread of the Coronavirus, renamed COVID-19, has unfortunately also spurred new cyber threats from threat actors utilizing the panic for personal gain.
Such cyberattacks are especially concerning as companies ask employees to work remotely.
Given that people have a heightened interest in news regarding COVID-19, the door is open wide for social engineering, exploitation, and malicious activities.
Using worldwide COVID-19 panic, cyber threat actors have begun utilizing new methods to spread malware and scams to prey on a distracted public.
Such methods include Coronavirus-themed phishing emails, booby-trapped URLs, and credential stuffing scams.
In one example, hackers use a PDF of Coronavirus-related safety measures to spread Remcos RAT and malware payloads.
In another, threat actors send official-looking Microsoft documents with macros that drop a backdoor onto a victim’s computer.
And yet another phishing campaign allegedly from the Centers for Disease Control tempts recipients to click on a malicious URL.
There has also been confirmation that the virus is being used to distribute the Emotet Trojan.
Related: Portland Mental Health & Wellness Proactively Uses Paubox During COVID-19 Pandemic
Recent reports further show a spike in new, Coronavirus-related domain names; most are used in phishing schemes while the rest try to sell cures or preventative products.
There is no doubt that these malicious campaigns will continue and grow.
Threat actors thrive in panic-filled situations, using hysteria to catch people off guard.
Companies must ensure that their employees remain safe and undistracted; as more and more people work from home, more and more data and lives become vulnerable, especially as endpoints become more remote.
If looking into telecommuting, Paubox recommends:
Training, even remotely, is even more important and must include information on spotting a phishing email, website, or even text—no blind clicking without due diligence.
Keeping people cyber safe during times of crises is important for long-term security.
The original version of this page was published at: https://www.paubox.com/blog/growth-of-coronavirus-themed-cyberattacks
Paubox Marketing is an email marketing platform built for healthcare. Our solution allows healthcare organizations to securely send PHI in marketing emails to drive more engagement and grow busines... Read more
In 2018, the healthcare industry became the largest employer in the United States for the first time. This is due in large part to the growing healthcare needs of aging ...read more
The HIPAA Privacy Rule regulates how patients’ protected health information (PHI) can be used for marketing. In general, HIPAA requires written authorization before a covered ...read more
On May 12, the U.S. Department of Homeland Security Cybersecurity Infrastructure Security Agency (CISA) and the Federal Bureau of Investigations (FBI) released a joint alert on the ...read more
At our recent virtual healthcare cybersecurity conference, Paubox SECURE @ Home, Hoala Greevy, Paubox’s founder and CEO, and Nick Wong, software developer at Paubox, discussed ...read more
Ask a Healthcare Lawyer: HIPAA Compliance for Healthcare Marketers
Your FAQs...Answered!