The current circumstances are bringing their share of challenges for businesses and COVID-19 is also offering opportunities for cyber crime. James Arthur explains how you can keep your organisation safe.
Measures announced by the government over recent weeks to deal with coronavirus have had a huge impact on our day-to-day lives. We are spending more time at home and online, and businesses are finding themselves in challenging circumstances. Unfortunately, this has meant that cyber risk has increased as criminals exploit every opportunity to commit cyber crimes against individuals and businesses alike.
Cyber crime is exploiting government schemes
"Phishing emails" are fake emails attempting to get hold of the recipient's personal and banking details through deception. According to cyber crime statistics compiled by Barracuda Networks, phishing emails using subject lines containing "coronavirus" or "COVID-19" as a lure have spiked by over 600%. In particular, cyber criminals have focused on the current government schemes as attack vectors - ways to exploit unsuspecting individuals and businesses.
Due to the challenging economic downturn that businesses find themselves in, a large number have seen a drop in operations and have taken advantage of the government's Coronavirus Job Retention Scheme (CJRS), a programme to support the economy by paying 80% of employers’ wage bills for staff suspended during lockdown. The scheme received 140,000 applications from firms in the first eight hours of opening and as UK employers have now furloughed over one million staff, cyber criminals have used this scheme to their advantage.
Within 24 hours of the furlough scheme being launched, phishing emails were sent to unsuspecting businesses claiming to be from the HMRC chief executive asking for personal and financial details. These were designed to look genuine and help to create the impression of authenticity, cyber criminals "spoof" sender information to make it appear to come from a trustworthy source.
Online support platforms are also a target for cyber crime
Phishing attempts have also targeted the government's launch of a new online platform to help businesses access other financial support. The tool asks business owners to fill out an online questionnaire and then directs them to a list of all the financial support for which they may be eligible.
Impersonating well-known websites for credential theft phishing attacks has increased. Fake websites have been set up by cyber criminals and used to harvest personal data and user credentials. For example, if the victim enters their email password on a spoofed page, cyber criminals may be able to access the victim’s online account. This access can then be used to acquire further personal or sensitive information, or to disseminate other phishing emails using the victim’s contact list.
Beware fake coronavirus websites
According to multiple reports, cyber criminals are creating thousands of coronavirus-related websites daily. At the end of March 2020, Palo Alto Networks Unit 42 researchers identified over 116,000 coronavirus-related registered domain names. And while many of these domains are registered to be re-sold for a profit, a significant proportion of them are used for malicious activities, such as fraudulent shops selling items in short supply, hosting malware and phishing sites.
The National Cyber Security Centre (NCSC) has reportedly disabled more than 2,000 online coronavirus scams over the last month, including 471 fake online shops selling fraudulent coronavirus-related items, 555 malware distribution sites set up to inflict significant damage to visitors and 832 advance-fee frauds promising a large sum of money in return for a set-up payment.
Charities are not safe from cyber crime
Even schemes for identifying and protecting "at risk" individuals are not safe from cyber crime. Charities have been particularly targeted by cyber criminals claiming to be from a government organisation able to provide information, such as a list of elderly people who may require support from the charity. The receiver of the email is then asked to click on a link that leads to a fake website which requests bank details, demands payment in untraceable cryptocurrency, such as Bitcoin, or downloads malware to their organisation's computer network.
As more support arrives, there are more opportunities for cyber criminals
It is estimated that a third of UK households are likely to need government support within the next three months to get through the outbreak. A recent survey by research firm, Kantar’s states that 44% of employed people believe their job is less safe now than it was 12 months ago. This would provide cyber criminals with further avenues for exploiting individuals using phishing attacks for government-initiated schemes, such as Universal Credit and hardship funds.
Besides emails purporting to be from HMRC and spoofed government websites, cyber criminals are using a variety of other targeted lures for fraudulent purposes. Some of the more widespread scams currently being seen include information on the virus from the likes of the World Health Organization, special offers on goods such as face masks and other items of personal protective equipment, and even cures for COVID-19.
Apps designed to help identify and track instances of COVID-19 have been weaponised by cyber criminals. Researchers have found that the interactive coronavirus tracking map created by Johns Hopkins University has been spoofed and used to deliver malware to devices on which the app has been downloaded. The malware has the ability to steal credentials, payment card numbers, cookies and sensitive browser-based data and exfiltrate that information to a command-and-control server.
How to prevent cyber crime
Thankfully, there are some simple steps you and your business can take to minimise the risk of cyber fraud:
Do not click on links or attachments in unexpected or suspicious texts or emails
Keep yourself secure online by ensuring you are using the latest versions of software, apps and operating systems on your phones, tablets and laptops
Ensure your organisation has the cyber security systems in place to identify and quarantine phishing emails
Train all your employees to spot suspicious communication and think twice before giving out personal or company information
If you receive a request to make an urgent payment, change supplier bank details or provide financial information, verify all payments and supplier details directly with the company on a known phone number or in person first
For support in protecting your firm from cyber attacks, contact James Arthur.