The coronavirus pandemic is causing global lockdowns of bustling metropolitans, with scientific laboratories working overtime to come up with enough testing kits, potential cures and a future vaccine. While such actions are underway, cyber attackers across the world are having a field day by cashing in on the global panic that the virus has caused. The result is a wide range of phishing messages and malware-ridden emails that pretend to be healthcare directives from the World Health Organisation (WHO) or other global or national healthcare organisations, all with one purpose — steal your money and data.
Himanshu Dubey, director of Quick Heal Security Labs, stated that the approach of the attackers have been threefold. He says, “Attackers always look out for trends, and are fluent at that. Based on the data that we’ve seen, several thousands of new websites are coming up every day. The key intent is to deliver malware, or sell fake cures and vaccines to scam people of money, and thirdly, targeting fake news to peddle mass hysteria.”
The attacks also seem to be steadily on the move. As Dubey reveals, “A couple of weeks ago, the number of new (malicious) domains spotted everyday was close to 1,000, whereas recent observations from a couple of days ago saw that the number of new URLs is close to 10,000.”
Kiran Zachariah, vice president of the IoT business division at Subex, shared some data with News18 that clearly reflected on the escalating nature of these attacks. “In the week ending February 8, we saw just three instances of such (phishing and malware) emails, which rose to 42 in the week ending March 14. The variation in attribution has also changed along with messaging clusters — last week, we saw 22 emails attributed to the WHO, 12 to the United States CDC, and three each to the MoHFW India, the Government of India and NHS UK. The rest were attributed to a supposed ‘emergency team from the United Nations’,” added Zachariah.