Blog Coronavirus Email Scam: Targets Business Operations

Malware phishing scams are now taking advantage of the pervasive fears surrounding the spread of the coronavirus. Although the vast majority of campaigns have targeted consumers, a Proofpoint report indicates that cyber threat actors are taking aim at business organizations as well.

Alongside the flood of phishing scams that promise secret remedies to hook victims, Proofpoint researchers notice an emergence of campaigns that seem to take advantage of legitimate sources of medical health information in order to hustle users into a false sense of security.

See Also:

• Phishing and Ransomware: The requirement for awareness

• Phishing for Awareness vs Phishing for Security

In the report, published February 13, 2020, Proofpoint researchers wrote: “In this latest round of campaigns, attackers have expanded the malware used in their Coronavirus attacks to include not just Emotet and AZORult information stealer, but also the AgentTesla Keylogger and NanoCore RAT, all of which have the ability to steal personal information, including financial information.”

In addition to this, researchers also have reported fake Office 365, Adobe, and DocuSign sites, all linked to corona-virus-themed emails, that had been expressly crafted to steal user credentials.

The initial targets of the coronavirus-themed attacks were heavily focused in the United States and Japan, who reported their first recorded death on account of “COVID-19”, on Thursday, February 13th. Further, researchers have now seen proof of observed threat actors targeting Italy and Australia. Apart from this shift in focus, researchers report an increase in the variety of industries being targeted in hopes to enhance their degree of success with the themed attacks.

“We have previously written about Coronavirus-themed attached centered on concerns around economic disruptions in light of the outbreak, specifically around shipping. This trend is continuing and has expanded to include manufacturing as well as shipping.”

Proofpoint Researchers

In addition to manufacturing, the degree of focus on economic concerns has begun to focus dedicated attacks directed at construction, education, energy, healthcare, industry, retail and transportation industries.

Lessons Learned

The continued focus on coronavirus as a theme in targeted cyberattacks provides a valuable lesson for anyone engaged in InfoSec. Not only has coronavirus captivated media outlets around the globe, it has also proved to be an invaluable success for cybercriminals who clearly demonstrate no reservations exploiting human suffering for their own financial gain.

With this in mind, we would be wise to consider that any media story of similar caliber could become the next theme for cyber criminals to manipulate in the vested interest of their own objectives.

Cybersecurity Awareness Training & Assumed Breach Penetration Testing

For several years, the majority of cyberattacks have attempted to make use of the human element through social engineering and phishing attempts. Malicious parties seek to trick users into granting them access to a computer network, user account or other critical digital resources. To be frank, the human element has just been the weakest link into any organization’s cybersecurity defenses.

One method that organizations have attempted to recognize and manage this weakness is security awareness training. Security awareness training typically consists of a number of repetitive training modules, and recurring tests/quizzes on a variety of exploitation tactics commonly used by hackers.

At Packetlabs, our Assumed Breach Penetration Testing is designed to cover all of the most common (and uncommon) methods of exploitation considered and utilized by malicious parties. Additionally, we offer cybersecurity awareness training that can either be paired with an OBPT, for best results, or considered on an individual basis.