The ongoing COVID-19 pandemic has had a far-reaching impact on the world as we know —it has also led to a huge increase in cyber frauds. Emboldened by the chaos and instability caused by the pandemic, threat actors have stepped up cyberattacks against both businesses and users who have had to adapt to the new normal which the pandemic has ushered in.
Interpol, the international organization which coordinates cooperation between the police forces of different countries, pointed out that cybercriminals were taking advantage of lowered cyber defences at a time when the focus had shifted to the health crisis. To underline the importance and spread awareness of staying cyber-safe even at this pandemic time, Interpol ran a short video campaign with the hashtag #WashYourCyberHands.
Of the many types of attacks that adversaries typically carry out, Seqrite would like to highlight an emerging super-threat known as Business Email Compromise (BEC) and Ransomware.
Business Email Compromise (BEC)
Thanks to the pandemic, Business Email Compromise (BEC) frauds are seeing a rise. The prevailing conditions encourage this type of fraud as it relies on employees receiving official-looking emails from superiors asking for money or important information (like passwords, confidential data, etc.). Because the majority of employees are still working from home, face-to-face interaction remains low which cybercriminals take advantage of, in their BEC frauds.
In April, the Federal Bureau of Investigation (FBI), United States, published an alert anticipating a rise in Business Email Compromise (BEC) schemes due to the uncertainty surrounding the pandemic. To protect yourself from BEC frauds, follow the below pointers:
- Be wary of any emails you receive asking for money or information, even if it looks like it has come from the CEO of your organization.
- When a false sense of urgency is being created through an e-mail (“Send me the details/Send me the account credentials ASAP”, etc.), don’t follow through immediately. It is mostly a pressure tactic being created to ensure you don’t ask too many questions and follow through.
- Wherever required, verify these kinds of requests over a telephonic conversation first.
Financial frauds like ransomware
The pandemic has also led to a recession in the global economy. While the world is slowly limping back, full recovery will take a while. Meantime, there are thousands of people who have been laid off or furloughed. Hence, there has been a rise in financial cybercrime with the main objective of making money through frauds.
To cite a recent example, a ransomware attack recently took place on a Philadelphia technology company, disrupting clinical trials to develop a COVID-19 vaccine. European investigative agency Europol pointed out that the pandemic had made organizations especially hospitals, governments and universities more conscious about losing access to their systems and hence more motivated to pay ransoms. Cybercriminals were increasingly taking advantage of this by running faster and more ransomware attacks while also enabling script kiddies to run similar attacks through the malware-as-a-service model.
To protect against ransomware, organizations need to back up their data and lessen their risk liability. With employees using personal devices to work from home, the ransomware threat is even more apparent. Enterprises must have the proper safeguards in place to ensure they are protected from COVID-19 driven cyber frauds.
Seqrite provides a comprehensive set of enterprise security solutions that give an enterprise all the tools required to enable complete cyber-protection.