Three ways coronavirus is impacting cyber crime

Sophisticated cyber criminals are taking full advantage of the prevailing fear, uncertainty and doubt around the pandemic to gain financially.
Read time 4min 00sec

Sadly, it’s not only the virus that’s spreading − the pandemic is providing ample opportunity for cyber criminals to accelerate their efforts.

The increase in COVID-19-related domains since January is, in itself, testament to possible increased criminal activity. This, coupled with growing uncertainty and widespread panic, creates the perfect environment for criminals to exploit vulnerable targets.

Here are some of the current trends as well as possible measures to address the latest tactics.

Escalating phishing scams

The South African Banking Risk Information Centre recently warned customers about a significant increase in phishing scams. Citizens are being manipulated into clicking on malicious links via e-mails and SMSes offering COVID-19 info, non-existent vaccines, hand sanitisers and masks, and then being persuaded to hand over personal data.

Of course, this culminates in identity theft, and bank accounts being accessed and compromised. These e-mails also often contain documents, embedded with malware that can access files, monitor user keystrokes and worse yet, encrypt your entire hard drive.

Criminals are also successfully managing to spoof the Web site domains of credible institutions such as the World Health Organisation or government departments, convincing recipients of the authenticity of the e-mail's COVID-19-related content.

Bottom line, if there is a sense of urgency or a “too good to be true offer”, it is probably a hacking attempt. Take the time to authenticate senders and Web sites, don’t click on any suspicious links and immediately delete any e-mails or text messages that seem unusual.

Fake apps

One of the most prolific, malicious apps doing the rounds is claiming to provide real-time coronavirus info, including statistics and heat maps. However, unbeknown to the user, the app contains sophisticated malware now dubbed as “CovidLock”.

This encompasses a screen lock attack, where users are denied access to their phones through the prompting of a password change. Once hackers have full control, victims are requested to pay $100 in Bitcoin, within 48 hours, to obtain a decryption code to unlock their phones.

With the increase in remote video meetings taking place, hackers are certainly getting creative.

If they don’t comply, they are threatened with having their photos, contacts and data deleted or having their social media accounts exposed.

The best way to avoid this, is to not trust apps from unknown third parties; rather download vetted applications from official platforms such as Google Play or Apple Store.

Capitalising on remote workers

During this period, non-essential workers who are able to, have had to resort to remote working − our reliance on technology has never been greater. This dependency naturally provides ample opportunity for cyber criminals to benefit.

A number of employees have received mails (seemingly from employers) providing false links to cloud repositories or company e-mail platforms, where hackers can easily obtain login credentials and access confidential business information.

Criminals are also creating fake company purchase orders and invoices for sanitisers or other supplies, conning employees into transferring money to fraudulent accounts.

What’s more, with so many employees accessing (often unsecured) virtual private networks from home, company servers are also more susceptible to crypto malware. Here, hackers encrypt servers, demanding Bitcoin in exchange for access.

It also stands to reason that, with the increase in remote video meetings taking place, hackers are certainly getting creative.

“Zoombombing” is occurring more and more, with hackers “gate-crashing” Zoom meetings, taking control of screens and showcasing pornographic or violent images. Not only are government departments and businesses vulnerable to these specific tactics, they also run the risk of having confidential information fall into the wrong hands.

Make sure you don't share meeting links, PINs, or screenshots (with anyone outside of those attending the meeting) and definitely not on social media; always ensure a strong password is required to join; set up waiting rooms in order to control attendance; and ensure only hosts are able to share their screens.

These vulnerabilities also speak to the need for companies to develop appropriate security measures and protocols for remote working.

Ultimately, cyber criminals are taking full advantage of the prevailing fear, uncertainty and doubt. Unfortunately, we are not just fighting a devastating global virus impacting the lives of billions, but we are also fighting sophisticated individuals intent on gaining financially.

Second guess everything you receive around COVID-19 and consult official channels for up-to-date and accurate information. 

Sandro Bucchianeri

Absa group chief security officer

Sandro Bucchianeri is Absa group chief security officer. He grew up in the Cape Flats and, unlike many children from that area, had the opportunity later to study and work abroad. He has worked in the UK and the US, and travelled to over 50 countries across the globe in his role as a security consultant before joining Absa in 2017.

Bucchianeri has more than two decades of experience in the field of security information protection. Previous roles include group chief security officer at National Bank of Abu Dhabi and chief information security officer at Investec PLC. Earlier, Bucchianeri was CSO and global head of consulting at Sysnet Global Solutions.

He is a keen supporter of new business ventures, and is passionate about making a contribution to uplifting communities. He led Absa’s efforts in establishing the Absa Cyber Security Academy – a partnership with Maharishi Institute.

Bucchianeri is a member of a number of boards, including the Payment Card Industry Security Standards Council advisory board, which also comprises representatives of Amazon, PayPal, Microsoft and Wal-Mart.

He has several international certifications in risk management and cyber security, in addition to a Masters Degree in Information Security from Royal Holloway University of London.

See also