Phishing emails linked to the Coronavirus (COVID-19) written in English, French, Italian, Japanese, and Turkish languages have been discovered by cybersecurity experts. Researchers say this is the worst spike in email scams they have seen in years.
The hackers behind the emails appear to be targeting individuals and industries, including transport, manufacturing, hospitality, healthcare and insurance.
The malicious emails appear to contain information about where the virus is spreading or offer more information about the virus with the goal of getting the recipient to open attachments or click links, which then infect their system with malware.
According to recently published research by Check Point, Emotet was the leading malware threat for the fourth month running, and was being spread during the month using a Coronavirus-themed spam campaign.
A Chinese hacker group dubbed Vicious Panda is reportedly behind one of these scams, which attempts to lure internet users to share sensitive personal details by masquerading as the Mongolian Health Ministry. Their goal is to access computers and smartphones, according to a Check Point report.
“COVID-19 is presenting not only a physical threat but a cyber threat as well,” Lotem Finkelsteen, Check Point’s head of threat intelligence, said.
“All public sector entities and [telecommunications companies] everywhere should be extra wary of documents and websites themed around Coronavirus,” she added.
- Q&A: Chris Neumann, CEO, Commonwealth Ventures
- Radiation Watchdog Deems 5G Safe for Customer Use
- BT Launches Security Advisory Services
Check Point’s findings are similar to that of fellow cybersecurity firm FireEye that recently identified efforts by hackers in China, North Korea and Russia to prey on global fears about the virus to aid their espionage efforts.
According to FireEye, Russian hacking groups have targeted Ukraine over recent weeks, while North Korean malicious actors have gone after a non governmental organisation in South Korea.
US officials have also warned of hackers trying to take advantage of the crisis to hawk fraudulent products or obtain extra sensitive information. The Department of Homeland Security said that hackers “may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes.”
Check Point also reported that it had found 4,000 new website domains related to the coronavirus, with 3% containing malicious software.