Cyber criminals are capitalising on the disruption caused by the COVID-19 pandemic, with over 83 million COVID-19 related e-mails blocked and thousands of malicious URLs found in just the first 100 days of the pandemic. 

This is according to Mimecast, whose 100 Days of Coronavirus threat intelligence report indicates that threats are evolving as the pandemic evolves.

More than 1 000 COVID-19 themed impersonation e-mails were blocked by Mimecast alone, including a single significant campaign of over 500 e-mails delivered in XLS format on 6 April 2020 to the North America and Caribbean region. These contained the Stratos malware dropper, an MS Office macro-based Trojan. 

Mimecast’s Threat Intelligence Centre has seen a steady stream of different e-mail phishing attacks that change in line with public concerns.

“New e-mail phishing scams are matching what people are talking about and what people are worried about at the time,” says Brian Pinnock, director of Sales Engineering at Mimecast. 

“The first phishing attacks impersonated doctors and other specialists from Wuhan, China, enticing users to click on a link to find the latest information on symptoms and treatments. Then, as governments and other official organisations became involved, we saw impersonations of those organisations offering government advice. When businesses began taking action and started sending people home, we saw business impersonations being sent to employees. 

"Shortly before the lockdown was announced in South Africa, as many organisations already began to work from home, a scam entitled ZA WFH was picked up on our South African grid.”

Pinnock says researchers have found a significant concentration of effort on COVID-19 themed domains and Web sites. This became a key issue since the beginning of March, where researchers saw more than 8 400 clicks on malicious URLs related to this subject alone.

The Mimecast Brand Exploit Protect team identified close to 60 000 new coronavirus Web sites in a two-week period, most of which were malicious. Some of these included Web sites selling home test kits, suggesting a cure, spreading fake news, impersonating bodies such as the CDC or WHO, and fake donation pages being used to steal people’s credentials.

Webinar: Stay ahead in an evolving cyber threat landscape

In the face of massive disruption and new risks presented by cyber criminals preying on people’s fears, Mimecast, in partnership with ITWeb, will present a free webinar on staying ahead in an evolving cyber threat landscape. 

This event, on 11 June, will help organisations mitigate new risks and outline a best practice approach to e-mail security. 

 For more information, and to register, click here.