Phishers cash in on the COVID-19 pandemic - how to avoid being reeled in

03 Jul 2020

Article by WatchGuard Technologies A/NZ regional director Mark Sinclair.

It’s often said that a crisis brings out the best and worst in human nature. The COVID-19 pandemic has been deemed the biggest public health and financial disaster in a century – and high-tech hackers are swarming around in droves.

While billions of people have been locked down at home for weeks, predatory hackers have been out phishing, using the fear and uncertainty the virus has generated to reel in and rip off unsuspecting victims.

The term phishing refers to the fraudulent practice of sending emails purporting to come from legitimate organisations, with the aim of inducing recipients to part with personal information, passwords or credit card details.

Since the coronavirus crisis began, there’s been a surge in this form of activity – so much so that the Australian Cyber Security Centre (ACSC) has issued a series of warnings for individuals and businesses to be on their guard. 

Never waste a crisis

It’s not the first time we’ve seen bad actors attempt to cash in on disruption and disaster. They’re long-time masters of malicious psychology whose missives are most effective when they reference current, newsworthy events – and the bigger the better. The 2004 Boxing Day tsunami brought them out in force, as did the GFC.

This time around, we’re seeing a rash of dodgy domain name registrations containing references to COVID-19, coronavirus and other terms related to the pandemic, cropping up faster than authorities can issue orders to have them taken down. By mid-April, the ACSC had disrupted more than 150 malicious COVID-19 themed web sites, with the assistance of major telcos, Google and Microsoft.

Meanwhile, corona-themed phishing gambits include campaigns to trick SMS and email recipients into clicking on links to update their banking information, claim government stimulus payments and obtain information on local virus testing facilities. Individuals who make the mistake of doing so will find they’ve been scammed – into installing malware which steals their personal information in order to commit identity theft, harvests their bank account details or infects their employer’s corporate network.

Taking the long way round – how to avoid risky clicks in the time of coronavirus

Endpoint Domain Name System (DNS) filtering can serve as a shield against phishing attempts. The technology can be installed to block users’ attempts to access links if the sites in question are known to be malicious. Additional protection can also be had by opting for Multi-Factor Authentication when accessing important online services such as banking and social media accounts. 

Approaching links contained within emails with extreme caution, unless you’re satisfied they emanate from a trusted source, is also a smart move. If you’re not sure whether an email is bona fide or bogus – and these days many of the latter look extremely convincing – the easiest way to ensure you don’t take a potential bait is to take the long way round instead.

Rather than clicking on the link, head to the web site of the organisation it has purportedly been sent from and track down the information manually. Alternatively, you can telephone, using contact details from a trusted source, to verify whether they have, in fact, attempted to contact you.

Staying cyber-safe through COVID-19 and beyond

For some unfortunate victims, the warnings come too late. The ACSC has received more than 95 reports of Australians losing money or personal information to COVID-themed scams and online frauds, and it’s unlikely they’ll be the last.

As the crisis continues to play out, the onus is on the rest of us to remain on high alert, to ensure our systems and data aren’t infected with another kind of virus.
