Trend Micro: COVID-19 related malware and spam on the rise

Malware and spam related to the Covid-19 pandemic are on the rise globally, according to new research from Trend Micro.

The cybersecurity solutions firm has released an update on Covid-19 related cyber threats and fraudulent activity, which uncovers global statistics and country threat rankings, garnered from its Trend Micro user base.

The results found that Australia ranked 10th highest in detected email spam connected to Covid-19 from January to March 2020. The United States was identified as the top location for spam and malware detections, and users accessing malicious URLs from January to March.

Globally, Trend Micro detected a 220-fold increase in Covid-19 related spam from February to March, and 907,000 total spam messages related to Covid-19 for the same period. The firm detected 737 incidents of malware.

Trend Micro says Covid-19 is being used in a variety of malicious campaigns including email spam, BEC, malware, ransomware, and malicious domains. As the number of those afflicted grows, campaigns that use the disease as a lure likewise increase.

“The shift to remote working has been a huge change for many businesses, as they have had to quickly adopt new technology and processes, which in turn has made many vulnerable to cyber-attacks,” explains Dr Jon Oliver, director and data scientist, Trend Micro. 

“Leveraging current or topical events in social engineering strategies is not a new tactic used by cybercriminals. However, with the unpredictability of the pandemic itself, we are seeing a steep rise in exploitations by cybercriminals using the virus as bait, playing into people’s worry, anxiety, and perhaps lowered security during this time,” he says.

“Now more than ever, businesses need to ensure that their employees are being vigilant when it comes to cybersecurity practices. This includes revisiting security training and protocols with staff and ensuring they are securely set up to work from home.”

Most common attacks to be aware of, according to Trend Micro:

· With spam being the top method to deliver attacks on enterprises (65.7% of attacks), Trend Micro identified that the top samples of this are in the form of:
    o Shipment notifications
    o Coronavirus Ministry of Health updates

· Emotet, a banking malware variant, has been prominently used in coronavirus campaigns

· The top emerging techniques for email scam proliferation are:
    o Targeting specific countries, including China and Italy
    o Business Email Compromise
    o Cruel ransomware
    o Sextortion related scams

· Threat actors exploit the public’s need for information about COVID-19 to distribute malware in the form of:
    o Information stealing software disguised through Coronavirus interactive maps
    o Malicious mobile applications disguised as helping to track cases of COVID-19
    o Fake COVID-19 safety portal from the World Health Organisation (WHO)
    o Fake centres for disease and prevention waitlist that looks to gather personal information

· The effects of COVID-19 have also reached the cybercriminal underground, as popular items are being sold including:
    o COVID-themed phishing, malware, and exploits
    o Toilet paper, N95 masks, ventilators, and other essential supplies
