It’s been a couple of weeks since Canadians and millions of others across the world went into lockdown to prevent the spread of COVID-19, forcing many employees into remote working. Unsurprisingly, cybercriminals are taking advantage of the current situation and increased number of vulnerable targets.
Below are some of the common attacks we have seen in the last week.
1. COVID-19 themed phishing attacks have been on the increase with all sorts of campaigns ranging from government relief to health information supposedly from the World Health Organization (WHO). Other schemes come disguised as messages from Shoppers Drug Mart and the Public Health Agency of Canada.
2. Text message scam (impersonating the Canadian government). In one scam, fraudsters pretend to be processing EI claims, preying on Canadians who’ve recently lost their jobs. Users are asked to enter their details, only for the information to be accessed by criminals.
3. Fake Covid-19 tracker app providing users with tracking and statistical information about Covid-19 and heatmap visuals. Cybercriminals are preying on people’s fears and vulnerable state by developing apps that appear to provide essential and timely information, such as where to buy N95 face masks or how to track recorded cases in real-time.
4. Softmining notice on their website. Hackers are also creating counterfeit versions (with malicious code) of legitimate COVID-19 apps. Softmining, an Italian software company that created a tracker app for COVID-19, reported that attackers had developed similar apps with the original app’s functionality but with malicious code designed to steal user data.
5. Malicious Corona Antivirus website. Scammers have launched a website containing a digital antivirus – corona antivirus – that promises to protect its users against the actual COVID-19 virus. This malicious software posing as an antivirus, once downloaded, turns the device into bot. A bot is zombie computer awaiting commands from a command-and-control server operated by a malicious actor.
What can Canadian businesses or individuals do to protect themselves from the above scams?
We urge business to alert their employees on potential incoming phishing emails. Employees should be trained to spot and manage phishing emails. BOXX currently offers the BOXX Academy, BOXX’s accredited cyber awareness training platform, to all of its cyber insurance customers at no cost. The platform also contains helpful modules such as Bring Your Own Device (BYOD) and Remote and Mobile Working.
Anti-malware software, IDS/IPS (Intrusion Detection/Prevention Software) etc. should be up-to-date.
Use only applications recommended/vetted by the business on work devices. On personal devices, users should download apps recommended by relevant bodies such as the WHO or the government and this should be from their official websites. Many of these malicious apps can be found in Android stores.
Enable Multifactor Authentication (MFA) on user accounts, especially administrator accounts.
For more information, please feel free to contact the following members of the BOXX team:
Vishal Kundi: Vishal.Kundi@boxxinsurance.com
Michelle Diniz: firstname.lastname@example.org
Chris Masaki: email@example.com
Mike Senechal: firstname.lastname@example.org