The existing phishing scams are shooting up with attacks and malicious domains to exploit the Coronavirus concerns
With the widespread pandemic outbreak, the global economy and marketplace are witnessing a new low. Concerning that, Governments have initiated robust stimulus packages to aid businesses and individuals.
Sadly, some individuals are still filling up their own pockets amid the crisis. The U.S Congress has rolled out a $2 trillion of stimulus package for the Economic Impact Payments – to support the economic effects and prevent a market crash. However, it is making another way for exploitation to the scammers.
Cybercriminals are making the most out of the situation by fooling people (victims) with their money. Various malware is being sent out in the form of relevant information on the disease. Such malicious attacks generally passed on via malicious apps and domains, phishing emails, and fake malicious websites. And indeed, the scammers create close approximate with the real URLs.
Google recently cited, in just one week (from April 6 to 13), it had found more than 18 million malware and phishing emails daily – connected to the COVID-19 scams. The tech giant also said – this is on top of over 240 million spam messages, it has been seen as related to the pandemic.
Similarly, according to CheckPoint Research’s latest release, over 4,000 domains linked to Coronavirus stimulus packages have been created and registered since January 2020. Unfortunately, many of them are malicious or containing suspicious elements. As mentioned in the company’s blog post, “These scam websites use the news of the Coronavirus (COVID-19) financial incentives and fears about Coronavirus to try and trick people into using the websites or clicking on links. In March 2020 – a total of 2081 new domains were registered (38 malicious; 583 suspicious)…In the first week of April – 473 were registered (18 malicious, 73 suspicious)”.
Many cyber-attack intelligence experts have reported that the registration of such tricky domains had further increased in the week of March 16. It is because the U.S. government had announced the stimulus payments for taxpayers. It is no secret that most organizations have already been taking care of the data and assets with full convergence. In its essence, they should be more preventative towards the zero-day attacks. In this sensitive time, it is crucial to implement end to end cybersecurity infrastructure – to get alerts on password reuse and to block suspicious phishing websites.