SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Trend Micro: COVID-19 related malware and spam on the rise
Mon, 11th May 2020
FYI, this story is more than a year old

 Malware and spam related to the COVID-19 pandemic is on the rise globally, according to new research from Trend Micro.

The cybersecurity solutions firm has released an update on COVID-19 related cyber threats and fraudulent activity, which uncovers global statistics and country threat rankings, garnered from its Trend Micro user base.

The results found that Australia ranked 10th highest in detected email spam connected to COVID-19 from January to March 2020. The United States was identified as the top location for spam and malware detections, and users accessing malicious URLs from January to March.

Globally, Trend Micro has detected an increase in COVID-19 related spam of 220-fold from February to March, and 907,000 total spam messages related to COVID-19 for the same period. The firm detected 737 incidents of malware.

Trend Micro says COVID-19 is being used in a variety of malicious campaigns including email spam, BEC, malware, ransomware, and malicious domains. As the number of those afflicted intensifies, campaigns that use the disease as a lure likewise increase.

“The shift to remote working has been a huge change for many businesses, as they have had to quickly adopt new technology and processes, which in turn has made many vulnerable to cyber-attacks,” explains Dr Jon Oliver, director and data scientist, Trend Micro.

“Leveraging current or topical events in social engineering strategies is not a new tactic used by cybercriminals. However, with the unpredictability of the pandemic itself, we are seeing a steep rise in exploitations by cybercriminals using the virus as bait, playing into people's worry, anxiety, and perhaps lowered security during this time," he says.

"Now more than ever, businesses need to ensure that their employees are being vigilant when it comes to cybersecurity practices. This includes revisiting security training and protocols with staff and ensuring they are securely set up to work from home.

Most common attacks to be aware of, according to Trend Micro:

 With spam being the top method to deliver attacks on enterprises (65.7% of attacks), Trend Micro identified that the top samples of this are in the form of:

o   Shipment notifications

o   Coronavirus Ministry of Health updates

·       Emotet, a banking malware variant, has been prominently used in coronavirus campaigns

·       The top emerging techniques for email scam proliferation are:

o   Targeting specific countries, including China and Italy

o   Business Email Compromise

o   Cruel ransomware

o   Sextortion related scams

·       Threat actors exploit the public's need for information about COVID-19 to distribute malware in the form of:

o   Information stealing software disguised through Coronavirus interactive maps

o   Malicious mobile applications disguised as helping to track cases of COVID-19

o   Fake COVID-19 safety portal from the World Health Organisation (WHO)

o   Fake centres for disease and prevention waitlist that looks to gather personal information

·       The effects of COVID-19 have also reached the cybercriminal underground, as popular items are being sold including:

o   COVID-19-themed phishing, malware, and exploits

o   Toilet paper, N95 masks, ventilators, and other essential supplies