Page Loader Logo
Loading...
833-847-3280
Schedule a Call
Partner With Us

Coronavirus and Cybersecurity Attacks: What You Need to Know 

Coronavirus is here a,nd cybersecurity attacks are on the rise! Here’s what you need to know about the latest scammer attacks and how you can prevent yourself or your company from being a pawn in this game.

Check Point cybersecurity reported that over 4,000 coronavirus-related domains are active since the beginning of 2020. In the same report, 3% of the newly registered domains are malicious. Another 5% are suspicious. According to Check Point, 3% may seem like a low figure, but it means that coronavirus-related domains are 50% more likely to be malicious than any other domain registered during that same period.

It’s common for malicious scammers to go in full effect during a national crisis, and the coronavirus epidemic is no different. As the outbreak is making its way through all nations, computer users are the target.

People need to stay vigilant as malicious hackers will be in full force right now attempting to take advantage of insecure networks. Also, many companies are allowing people to work from home and using VPN’s. Verification of Company VPN’s should be in place before allowing users to access the internal networks.

The different types of attacks that malicious hackers are taking advantage of during the coronavirus outbreak are:

  • Phishing emails
  • Coronavirus themed malware attacks
  • Bait trapped URLs
  • Credential Harvesting scams

Protecting yourself from the coronavirus isn’t all about washing your hands and using Lysol on every surface of your house. It’s also about knowing the basic precautions to protect your online identity. Following cybersecurity best practices, and knowing the basics, are a great start.

Phishing Emails: 

The first thing you’ll want to do when monitoring your emails, is verify the senders email address. Make sure you recognize it, and that it looks legitimate. However, not all legitimate email addresses are safe. You’ll also want to pay attention to what the email is asking you to do. Common sense goes a long way – never share your personal information or banking information.

Another red flag is whether the email has attachments. Always be wary of opening attachments, and never open them from unknown senders. If the email contains a link, hover over it with your mouse curser, and make sure the URL is legit.

Researchers at Cofense, stated they observed a new phishing campaign that pushes fake messages from The Centers of Disease Control (CDC). Some example messages that have been sent are that the coronavirus has “officially become airborne” and there “have been confirmed cases of the disease in your location.”

Bait trapped URLs: 

The email, according to researchers, is a “good forgery,”. It also contains a phishing kit that tempts users to click on a URL. It appears to be legit, as it’s from the CDC, and recipients are told to click on the link to learn more about their localized coronavirus threat. What users don’t see, is that behind the malicious link, there are one of three redirects that malicious hackers use. Once clicked, the victim is taken to one of several top-level domains, that each use an SSL certificate.

“Users will be presented with a generic looking Microsoft login page upon clicking the link,” according to researchers. “The recipient email address is appended within the URL, thus automatically populating the login box with their account name. The only thing for the user to provide now is their password. Upon doing so, the user is sent to the threat actor.”

If credentials are entered into the site, the user is then sent to the legitimate CDC website.

Malware Attacks: 

There are two major malware attacks that are going around. The first type of malware attack includes phishing emails (which we’ve discussed above) and another is that malicious hackers are using a Microsoft Office document to drop a backdoor onto a victim’s computer.

The MalwareHunterTeam discovered a three-page coronavirus-themed Microsoft Office document posing to be from the Center for Public Health of the Ministry of Health of Ukraine. The document does not contain legitimate information like it portrays to in the email. The document contains malicious macros and once opened, the document can drop a backdoor with capabilities such as clipboard stealing, keylogging, and the ability to lift screenshots from a victim’s computer.

Coronavirus and Cybersecurity

As if running out of toilet paper isn’t scary enough! Another worry with the new coronavirus is that malicious hackers are taking advantage of the epidemic and turning citizens into victims. Stay up to date on the latest threats, and remember, if you’re ever unsure of whether something is real, don’t open it, don’t click, and don’t fill anything out.

If you have any additional questions, or want to ensure your business is secure, fill out our contact us form.[/vc_column_text][/vc_column][/vc_row]

Latest Posts

A transparent image used for creating empty spaces in columns
Welcome to today’s briefing on a crucial topic in the realm of cybersecurity: internal network penetration testing. Now, I know that the term might sound a bit intimidating but fear not. By the end of this discussion, you’ll have a solid understanding of what it…
A transparent image used for creating empty spaces in columns
 In the world of cybersecurity, there’s a misconception that a clean pen testing report means something was missed or the test wasn’t thorough enough. But here’s the truth: receiving a clean report from your penetration test is not only a positive outcome—it’s a testament…
A transparent image used for creating empty spaces in columns
Hey there, folks! Let’s get one thing straight: when MainNerve talks about penetration testing, we’re diving deep into the world of cybersecurity. But hey, we know what people think when we say “penetration testing.” So, buckle up because we’re about to compare pen testing to…
A transparent image used for creating empty spaces in columns
 In the fast-paced world of managed IT services, we know that time is money. Your clients rely on you to keep their systems secure, and you need partners who can deliver top-notch services without slowing you down. If you’re a Managed Service Provider (MSP)…
A transparent image used for creating empty spaces in columns
The primary purpose of performing a penetration test is to simulate real-world attacks on a computer system, network, or application. This is done by skilled cybersecurity professionals, who are tasked with identifying vulnerabilities and weaknesses that malicious actors could exploit. Their role is crucial in…
A transparent image used for creating empty spaces in columns
 If your business relies on older technology, you’ll want to listen up. We’re highlighting a critical weakness in many organizations’ defenses: legacy systems. What Are Legacy Systems? Legacy systems are outdated technologies that are no longer supported with updates or patches from their creators.…
contact

Our Team

Name(Required)
This field is for validation purposes and should be left unchanged.
quick links to

Our Services

On Load
Where? .serviceMM
What? Mega Menu: Services
201 E Pikes Peak Ave Suite 2025
Colorado Springs, CO 80903