833-847-3280
Schedule a Call

Coronavirus and Cybersecurity Attacks: What You Need to Know 

Coronavirus is here a,nd cybersecurity attacks are on the rise! Here’s what you need to know about the latest scammer attacks and how you can prevent yourself or your company from being a pawn in this game.

Check Point cybersecurity reported that over 4,000 coronavirus-related domains are active since the beginning of 2020. In the same report, 3% of the newly registered domains are malicious. Another 5% are suspicious. According to Check Point, 3% may seem like a low figure, but it means that coronavirus-related domains are 50% more likely to be malicious than any other domain registered during that same period.

It’s common for malicious scammers to go in full effect during a national crisis, and the coronavirus epidemic is no different. As the outbreak is making its way through all nations, computer users are the target.

People need to stay vigilant as malicious hackers will be in full force right now attempting to take advantage of insecure networks. Also, many companies are allowing people to work from home and using VPN’s. Verification of Company VPN’s should be in place before allowing users to access the internal networks.

The different types of attacks that malicious hackers are taking advantage of during the coronavirus outbreak are:

  • Phishing emails
  • Coronavirus themed malware attacks
  • Bait trapped URLs
  • Credential Harvesting scams

Protecting yourself from the coronavirus isn’t all about washing your hands and using Lysol on every surface of your house. It’s also about knowing the basic precautions to protect your online identity. Following cybersecurity best practices, and knowing the basics, are a great start.

Phishing Emails: 

The first thing you’ll want to do when monitoring your emails, is verify the senders email address. Make sure you recognize it, and that it looks legitimate. However, not all legitimate email addresses are safe. You’ll also want to pay attention to what the email is asking you to do. Common sense goes a long way – never share your personal information or banking information.

Another red flag is whether the email has attachments. Always be wary of opening attachments, and never open them from unknown senders. If the email contains a link, hover over it with your mouse curser, and make sure the URL is legit.

Researchers at Cofense, stated they observed a new phishing campaign that pushes fake messages from The Centers of Disease Control (CDC). Some example messages that have been sent are that the coronavirus has “officially become airborne” and there “have been confirmed cases of the disease in your location.”

Bait trapped URLs: 

The email, according to researchers, is a “good forgery,”. It also contains a phishing kit that tempts users to click on a URL. It appears to be legit, as it’s from the CDC, and recipients are told to click on the link to learn more about their localized coronavirus threat. What users don’t see, is that behind the malicious link, there are one of three redirects that malicious hackers use. Once clicked, the victim is taken to one of several top-level domains, that each use an SSL certificate.

“Users will be presented with a generic looking Microsoft login page upon clicking the link,” according to researchers. “The recipient email address is appended within the URL, thus automatically populating the login box with their account name. The only thing for the user to provide now is their password. Upon doing so, the user is sent to the threat actor.”

If credentials are entered into the site, the user is then sent to the legitimate CDC website.

Malware Attacks: 

There are two major malware attacks that are going around. The first type of malware attack includes phishing emails (which we’ve discussed above) and another is that malicious hackers are using a Microsoft Office document to drop a backdoor onto a victim’s computer.

The MalwareHunterTeam discovered a three-page coronavirus-themed Microsoft Office document posing to be from the Center for Public Health of the Ministry of Health of Ukraine. The document does not contain legitimate information like it portrays to in the email. The document contains malicious macros and once opened, the document can drop a backdoor with capabilities such as clipboard stealing, keylogging, and the ability to lift screenshots from a victim’s computer.

Coronavirus and Cybersecurity

As if running out of toilet paper isn’t scary enough! Another worry with the new coronavirus is that malicious hackers are taking advantage of the epidemic and turning citizens into victims. Stay up to date on the latest threats, and remember, if you’re ever unsure of whether something is real, don’t open it, don’t click, and don’t fill anything out.

If you have any additional questions, or want to ensure your business is secure, fill out our contact us form.[/vc_column_text][/vc_column][/vc_row]

Latest Posts

A transparent image used for creating empty spaces in columns
In the ever-evolving world of cybersecurity, penetration testing (pen testing) stands out as a critical component of an effective defense strategy. For MSPs (Managed Service Providers) and MSSPs (Managed Security Service Providers), the value of pen testing goes beyond identifying vulnerabilities—it’s about proving value to…
A transparent image used for creating empty spaces in columns
 With less than three months remaining until the deadline for PCI DSS 4.0 compliance, now is the time to assess your business’s status and determine what steps you need to take. The Payment Card Industry Data Security Standard (PCI DSS) sets security requirements to…
A transparent image used for creating empty spaces in columns
In today’s increasingly digital world, organizations face a growing number of threats from cybercriminals seeking to exploit weaknesses in systems, networks, and even human behavior. Understanding your attack surface—the totality of vulnerabilities and entry points an attacker could exploit—is essential for protecting your business. Whether…
A transparent image used for creating empty spaces in columns
 The Payment Card Industry Data Security Standard (PCI DSS) has long been a cornerstone for protecting cardholder data against theft and fraud. With the introduction of PCI DSS 4.0, organizations handling payment card information must implement several significant updates to enhance security and provide…
A transparent image used for creating empty spaces in columns
Yes, penetration testing is a proactive approach to cybersecurity. It involves simulating attacks on systems, networks, or applications to uncover vulnerabilities and weaknesses before malicious actors can exploit them. By identifying and addressing these security issues early, penetration testing strengthens an organization’s defenses and reduces…
A transparent image used for creating empty spaces in columns
  March 31st, 2025, is fast approaching, and it’s a pivotal date for businesses handling payment card data. This marks the deadline for full compliance with PCI DSS 4.0, the latest version of the Payment Card Industry Data Security Standard. If your organization processes, stores,…
contact

Our Team

Name(Required)
This field is for validation purposes and should be left unchanged.
On Load
Where? .serviceMM
What? Mega Menu: Services