Be on the Lookout for Rising Number of COVID-19 Phishing Attacks

April 21st, 2020 by admin

A blue digital lock with various connected devices and a person hand pointing at the lock

Hackers will often look to exploit any weakness they can find, whether it is technological means or through human curiosity and concern. With the rapid rise of COVID-19 across the globe, hackers are ramping up their phishing attack efforts. These efforts are slipping past Microsoft 365 ATP's and getting into people's inboxes. Since these emails are getting into people's inboxes, employers must ramp up educational efforts to mitigate any risk to their data networks. Here are some of the strategies that are being used.

Android App

An Android App is circulating that claims to provide up-to-date coronavirus information and tracking. Instead, it tricks the user into giving administrative access to install an app called 'CovidLock' ransomware on the device.

In addition to this, many emails appear to be from reputable sources, such as Doctors, and in some cases, emails appear to be sent from the World Health Organization.

Microsoft Excel Attachment

Another method hackers are using is an email containing a Microsoft Excel attachment. Downloading the attachment will cause a file containing macros that will execute a dynamic link library (DLL) to install a piece of malware called 'Get2 loader.'

Trickbot Malware

Another method is the trickbot malware, which is a backdoor threat known to install ransomware payloads. Additionally, the Cybersecurity and Infrastructure Security Agency (CISA) have detected emails that target users with documents claiming to share information regarding the virus but contain malicious content that installs malware.

Videoconferencing

The FBI has warned of an increase in attempted hacking attempts of Zoom and other video conferencing platforms. The healthcare industry is also being targeted with ransomware due to the uptick in telehealth sessions. According to the FBI, if you are using Zoom for video conferencing, make sure you have set the meeting to private and require a strong password to enter the meeting. Additionally, send the link for the meeting directly to the participants, and make sure all users are using the latest version of Zoom.

With everything that is happening in the world right now, you and your employees must remain vigilant and pay attention to any emails that may seem suspicious. At MPA Networks, we are well equipped to deal with these threats and other network intrusion attempts. Contact us today so we can ensure your network is safe and secure.

Posted in: Cyber and Data Security, Solutions


Back to Top

Copyright © 2020 MPA Networks, Inc.

Atomic8Ball Web Presence Management

Cal. Civ. Code ยง 1798.102 - Do Not Sell My Personal Information