Cyber experts step in as criminals seek to exploit Coronavirus fears

[silversurfer]

Content source

https://www.ncsc.gov.uk/news/cyber-experts-step-criminals-exploit-coronavirus

The public are being urged to follow online safety advice as evidence emerges that criminals are exploiting the Coronavirus online.

Experts from the National Cyber Security Centre have revealed a range of attacks being perpetrated online as cyber criminals seek to exploit COVID-19.

Techniques seen since the start of the year include bogus emails with links claiming to have important updates, which once clicked on lead to devices being infected.

These ‘phishing’ attempts have been seen in several countries and can lead to loss of money and sensitive data.

The NCSC, a part of GCHQ created to keep the UK safe online, is urging businesses and the public to consult its online guidance, including how to spot and deal with suspicious emails as well as mitigate and defend against malware and ransomware.

In addition, in recent days the NCSC has taken measures to automatically discover and remove malicious sites which serve phishing and malware. These sites use COVID-19 and Coronavirus as a lure to make victims ‘click the link’.

Paul Chichester, Director of Operations at the NCSC, said:
“We know that cyber criminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the Coronavirus outbreak.
“Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails.
“In the event that someone does fall victim to a phishing attempt, they should look to report this to Action Fraud as soon as possible.”

Cyber experts step in as criminals seek to exploit Coronavirus fears

Experts at the NCSC have revealed phishing attacks exploiting worries over COVID-19

www.ncsc.gov.uk

 

[Antus67]

Opportunist crooks are exploiting coronavirus as part of their phishing attacks, malware, ransomware and more.

he National Cyber Security Centre (NCSC) is warning that criminals are looking to exploit the spread of coronavirus to conduct cyberattacks and hacking campaigns.

Experts at the NCSC – the cyber arm of GCHQ – have spotted a range of scams and cyber threats that look to take advantage of COVID-19 for their own malicious ends.

Attacks include phishing attacks, credential theft, bitcoin and financial fraud, ransomware campaigns and more.

In many cases, attacks are based around phishing emails containing links or attachments that claim to contain important information about the virus. Once opened, these infect the PC with malware that can be used to exploit the infected victim.

The NCSC says it has taken measures to automatically uncover and remove malicious websites run by cyber criminals running coronavirus scams and other malicious activity.

This action comes after what the security agency describes as as an increase in the registration of webpages relating to coronavirus, something the NCSC suspects to be the work of cyber criminals looking to exploit the outbreak.


The agency warns that, as the outbreak intensifies, it's likely that the volume of hacking incidents looking to exploit coronavirus will also rise.

"We know that cyber criminals are opportunistic and will look to exploit people's fears, and this has undoubtedly been the case with the coronavirus outbreak," said Paul Chichester, director of operations at the NCSC.

"Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails."

Guidance offered by the NCSC includes how to spot and deal with suspicious emails and how to mitigate and defend against ransomware attacks.

"In the event that someone does fall victim to a phishing attempt, they should look to report this to Action Fraud as soon as possible," Chichester added.

Coronavirus-related cyberattacks have been identified by cybersecurity researchers at companies around the world.

SEE: Coronavirus: Business and technology in a pandemic

They included a Trickbot trojan malware campaign disguised as medical advice about COVID-19 as detailed by Sophos, while researchers at Proofpoint have also identified a number of coronavirus-themed hacking campaigns that install malware including Emotet, NanoCore and Azorult.

Security researchers have also warned that state-sponsored hacking campaigns are also beginning to use coronavirus as lures in attacks.

The World Health Organisation (WHO) and the US Federal Trade Commission have both also warned about scammers spreading coronavirus-related phishing attacks via email and social media.