As the coronavirus pandemic surges, so do hacking and phishing attacks according to a recent report from Google.
It appears that hackers and scammers are taking advantage of the pandemic to launch massive operations. As the world reels from lockdown regulations, people are using online platforms to procure necessary supplies. Google says that this increase in online activities is a prime target for hacking and phishing attacks.
A recent report reveals that tech giants like Google and Microsoft are among the favorite brands for criminals to spoof. Cybercriminals spoof these brands in order to launch phishing or scamming attacks to their targets.
Old hacking tricks
Cybercriminals use phishing and scamming tactics since the early dawn of the Internet. Since these types of attacks rely heavily on user vigilance, it is still effective until today. In fact, these types of attacks are fairly easy to organize as oppose to elaborate and technical hacking operations.
The tech giant reports that some attackers are trying to steal intellectual properties. Moreover, some attackers target activists. In a statement Google says:
“We continue to see attacks from groups like Charming Kitten on medical and healthcare professionals, including World Health Organization employees.”
The company adds that those who are most at risk are accounts of world leaders, healthcare professionals, and business executives. Most of the attacks are target individuals from the United States, United Kingdom, Canada, Bahrain, India, and Cyprus.
Government-backed hackers
What is alarming about the recent report is that there is a rise of government-backed hackers. These rouge actors are usually mercenary hackers which a particular government hires to hack their targets.
Another live Phishing site using Covid-19 lure, and masquerading as a new “beta” service by the UK HMRC:
hmrc-govupdate-covid-19[.]com
covid-19-gov[.]claimsThe credit card number validation is spot on, but the language change to Welsh doesn’t work. pic.twitter.com/ciqRp6qPXM
— Phishing AI (@PhishingAi) March 30, 2020
One popular scheme is by encouraging targets to sign up for notifications with regards to COVID-19. Once the target opts in, they are then redirected to a phishing website where hackers can steal their login credentials.
These types of attacks prey on the vulnerable, especially during this time. People are often looking for positive reinforcement, and hackers are using this to their advantage.
Some hackers are using bot networks to spread political spams. One particular outfit is Spamouflage Dragon which posts about Hong Kong politics and China’s response to the current pandemic. The identity of this group is yet to be known, or where their base of operation is.
For many years, Google admits that there are many vulnerabilities in the computer ecosystem. However, many experts agree that most of the time it is the user that is most vulnerable.
Image courtesy of Arthur Osipyan/Unsplash