The level of sophistication the cybercriminals are using to bypass common users is now appalling many of the cybersecurity experts. Criminals are looking to pounce on any recent news, especially the ones that are of concern and affect a vast number of people.
The world has been reeling under the constant threat of deadly coronavirus that has claimed close to 1,770 lives and affected people, close to 70,500 in China. While 15 people have tested positive in the US, Japan has close to 44 cases of coronavirus. The electronic industry is being widely affected by the new virus, as the MWC 2020 canceled, and production by various industries has been completely halted.
People are nervous about the virus spread, and cybercriminals are now exploiting it by sending con mails. Spammers are sending phishing emails with malicious attachments, portraying the attachment as instruction about the coronavirus.
Researchers at IBM X-Force have pointed that attackers sending out infected email attachments are disguised as a coronavirus instruction. If the recipient opens the attachment, the file then installs an Emotet Downloader to infect the computer. Most of the phishing messages’ language so far has been in Japanese as the virus has been focused in Asia. However, the messages could soon be spreading to the other regions around the world with a variety of languages. Cybercriminals are sending out fake emails with links to different sites such as Office 365, Adobe, and DocuSign stealing passwords and emails of the recipient.
Hackers are purposefully sending emails to employees with letterheads that can generally seem like something that the companies’ leader will send out. The email address is mapped with only certain technical change making the employees believe that the email came from the organization’s head.
The email is well-crafted and lists the business president’s name; it looks like an internal email—the Microsoft word attachment with an embedded URL that leads the recipient to fake Microsoft websites to enter credentials. The user is then redirected to legitimate WHO coronavirus information, making the phishing transaction look legitimate. Proofpoint, an enterprise security provider, has found emails coming from Australian healthcare companies that are attempting to scam the enterprises.
The security provider Kaspersky has found malicious PDF, Microsoft Word DOCX, and MP4 files disguised as documents relating to the coronavirus. The scammers project the file to contain instructions for detecting and protecting against the virus.
Most of the manufacturer’s units in the world are located in Southeast Asia; the region even falls under the belt of transportation as many companies rely on the ports for their infrastructure transportation. So if you receive any unwarranted emails from your transportation solution provider, be cautious.
OneSpan, cybersecurity technology provider company, said that it expects the following types of phishing emails that will try to take advantage of the enterprises:
- From delivery companies such as FedEx or UPS/online sellers like Amazon with a message about the goods outsourced from China.
- Brokers and investment firms with a message talking about the market crash.
- Urgent updates from global healthcare agencies and governments about how to avoid the infection.
- Targeted attacks on the suppliers that the goods cannot be delivered or will be delayed.
The concerns become grave as such type of attacks is sure to affect the financial world, both corporate and retail banking customers. Financial systems are vulnerable to email phishing, and their interaction with Southeast customers tends to be on a larger scale. Southeast is considered to be a hotbed for investments for over a decade now, so any misstep by an employee could result in millions of dollars of loss, leading to devastations. DBS Bank, OCBC Bank, and United Overseas Bank are some of the largest banks situated within the region that might affect millions of users.
How to prevent phishing attacks,
Most fraud detection and prevention systems rely on the rules to manage fraud, but currently, not all anti-fraud systems are alike. Experts believe that financial institutions can come with extra rules during the periods of risks when there is a holiday or natural disaster when the customers are more likely to be hit.
Changing the current spam detection model to allow for a larger number of false positives with the favor of fewer false negatives can be better processed. Being vigilant is one of the best ways employees can prevent the attack because, for any information, no username or password will be required. Many of the websites might even ask the victims to donate and offer advice on unproven treatments. Keeping the antivirus software up-to-date can also act as a filter for many of the spam emails arriving in your inbox.
The US Securities and Exchange Commission (SEC) has warned people about online promotions about certain drugs that can cure coronavirus. The value of such companies In the market might dramatically increase.
The business growth will certainly slowdown in 2020; enterprises need to be patient in understanding the complexity of the global healthcare crisis affecting millions of people across the world. The vigilance will be of prime importance. Not enabling Micros for email and scrutinizing the sender’s email address thoroughly can be a very effective way to prevent phishing emails from getting into the business network. One example is wherein Mimecast has detected one such campaign titled “Singapore Specialist: Corona virus Safety Measures.”
Conclusion
Detection and prevention of such types of attacks remain a challenge for any business, but if assisted by email filters and employees, breaking a trend in such types of attacks can be easier. Trending news consortium of attacks can better prepare organizations against email threats in the future. To know more about enterprise infrastructure security, you can download our latest whitepapers on Security.