COVID-19 Pandemic Takes Toll on Cybersecurity

The COVID-19 pandemic has created an ideal environment for cybercriminals to launch phishing campaigns intended to enable criminal activities ranging from simple theft of credentials to outright fraud. The depth of the illicit activity, however, is now reaching unprecedented levels.

A report from Bolster, which provides a platform that makes use of deep learning algorithms to identify fraudulent activity, confirms in the first three months of 2020 there were 854,441 confirmed phishing and counterfeit pages, with another 4 million web pages deemed suspicious. Roughly 30% of all those pages were in some way related to COVID-19, according to the report.

Overall, the report finds the number of phishing and counterfeit pages that went live rose to 8,342 in March from 3,142 in January. In March alone, Bolster claims it found 102,676 websites related to medical scams, with 1,092 websites either selling hydroxychloroquine or spreading misinformation about using it to cure COVID-19.

Bolster also found more than 145,000 suspicious domain registrations that included the words, “stimulus check.” The number of websites that claim to offer small business loans also jumped 130% from February to March. Hackers spun up 60,707 fraudulent banking websites to siphon off stimulus funds, the report finds.

Collaboration and communication phishing sites saw a 50% increase from January to March. Streaming phishing sites also saw an 85% increase from January to March, with more than 209 websites created per day.

Bolster even discovered multiple phishing websites peddling fake COVID-19 cryptocurrencies and crypto-wallets.

Shashi Prakash, chief scientist of Bolster, said with so much focus on the COVID-19 pandemic cybercriminals have been successfully exploiting the situation. With so many employees working from home to help combat the spread of the COVID-19 virus, many of them are more likely to fall prey to phishing attacks and other associated scams. Most of those employees, unfortunately, are also using personal devices that don’t meet corporate security standards.

Initially, many organizations assumed the need to work from home would only last a few weeks. As such, many IT organizations more or less approached supporting employees working from home in much the same way they would for a blizzard or flood. Now, however, it’s unclear when the majority of employees might be returning to the office. In fact, after learning how to work remotely some organizations may decide to not have employees return to the office at all. A recent survey of 305 finance leaders in the U.S. published by PwC found nearly half of the respondents (49%) plan to make remote work a permanent option for roles within their organizations that allow for it.

Regardless of where employees are working, there remains an acute need to combat phishing campaigns that are exploiting COVID-19 fears. The pandemic itself may be starting to wane, but concerns over the emergence of COVID-19 hotspots are still widespread. Nobody knows this better than cybercriminals, who are continually looking to finds ways to exploit those fears.

Of course, the best defense against those campaigns remains end user education. However, when that fails, given the increased sophistication of phishing attacks, the next best thing is to be able to immediately identify and isolate machines that have been compromised. Ironically, cybersecurity teams will find themselves using the exact same playbook to combat malware that healthcare professionals are employing to contain the COVID-19 pandemic.

Avatar photo

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 746 posts and counting.See all posts by mike-vizard