How the pandemic changed the cybersecurity landscape

In the same way that the adversity scenario can reinforce people’s good side, it can also intensify bad intentions. Cybercriminals were quick to seize a new opportunity to act – this can be seen in the growth of malicious software and relaphishing scams targeted at covid-19.

Records of hundreds of potentially suspicious new web domains have been identified, with cybercriminals taking advantage of the fact that many people may be using their own computers to access corporate networks due to the widespread home office. As these machines are not necessarily regulated and protected as tightly as business PCs, this exposes new threat vectors.

Numerous phishing campaigns emerged in the form of e-mails disguised as updates about the new coronavirus. A recent specific campaign tried to appeal to human nature, asking for donations (in bitcoin) to a false initiative of the World Health Organization (WHO) that “seeks to ensure that all countries are prepared, especially those with weaker health systems”.

Most fraudulent activities related to covid-19 are characterized as:

  • gratuity: selected services such as video conferencing, online training and even free food delivery. Cybercriminals also offer services like a “honeypot”, tricking users into providing bank details and personal information. You need to reflect – this is a genuine offer or is it too good to be true – before subscribing to new services.
  • Digital Gift Cards: The scammers behind the popular commercial email compromise (BEC) attacks have started trying to persuade people to buy digital gift cards, as many physical stores are closed.
  • Compensation schemes: with millions of people affected by holidays and canceled flights, there has been an increase in the number of dubious compensation sites – schemes that promise travelers the chance to get their money back. One particularly effective approach has been to pressure users to spontaneously provide personal information, under the guise that a “travel compensation offer expires in 12 hours” because cybercriminals always want victims to act first and think later.

Too good to be true

The best line of defense is to use common sense and not let your guard down. Anything that sounds too good to be true is probably just that. Maintaining your defenses also means installing software updates, even if they take a long time to download. Many varieties of malware use software vulnerabilities to maintain persistence and secrecy on infected systems.

We all need to keep in mind that especially now is the time to adhere to some basic rules like avoiding opening attachments or links in emails from unknown external contacts. Scammers have become sophisticated, and it’s often difficult to tell a genuine email from a fake one, so we emphasize the importance of never interacting with emails, even if they look legitimate.

We’ve recently heard many extraordinary tales about how people overcame the odds arising from the covid-19 pandemic. Unfortunately, there is also a dark side: those looking to take advantage of the situation.

***

Jun Ueda, author of this article, is Director of Operations at Fujitsu do Brasil

Previous post 7 Ways to Configure Parental Controls on Children’s iPhones
Next post What is the best USB Hub option to buy?