KEY POINTS

  • The COVID-19 outbreak is far from over as the coronavirus threatens to spread in other parts of the world
  • The increasing awareness and need for information about the virus is reportedly exploited by cybercriminals to spread malware and compromise devices
  • Cybercriminals use emails disguised coming from various welfare organizations like the CDC or WHO to deploy and install malware to unsuspecting victims

The recent COVID-19 outbreak is devastating as it steals lives, paralyzes operations, and creates mass fear. But, it seems that another danger not really related to the coronavirus outbreak is threatening our security. A new report reveals that hackers are taking advantage of the current COVID-19 scare to steal personal data.

How Hackers Exploit COVID-19

Wire’s Chief Revenue Officer Rasmus Holst recently shared some details with TechRepublic about how hackers exploit the public’s interest in the COVID-19 outbreak to launch their attacks. The executive explained that the outbreak heightens people’s awareness, which triggers people to be more curious about information related to the virus. Hackers could use phishing attacks that put employees at risk by thinking that the information is really about the coronavirus.

The phishing attacks used by these attackers know psychology, and as the awareness of getting information heightens, they use the marketability to gain access and steal data, revealed the executive.

Big tech names have pulled out of the Barcelona conference over COVID-19 virus fears
Big tech names have pulled out of the Barcelona conference over COVID-19 virus fears AFP / Anthony WALLACE

Other Important Details About Various Attacks

Another report claims that attackers are using the widespread fear of COVID-19 to deploy malware. Over the past weeks, several studies discovered that attackers are releasing malware in the guise of emails from various organizations containing details and instructions on how to fight the virus. Xforce, IBM’s security, found out that the campaign was launched in Japan, where users received emails from welfare organizations giving information about the COVID-19.

In reality, the document is a Microsoft Office 365 file equipped with macros script to install a malware device, reported IBM. The team discovered Emotet malware that could steal financial information by installing a compromised code into the networking of the target device. Kaspersky team also released a report revealing how hackers use PDF, DOCX, and MP4 files to spread a variety of virus masked as COVID-19 information.

NBCNEws also reported a similar tactic where attackers use the names World Health Organization or the Centers for Disease Control to disguise as concerned organizations sending emails to the public about the COVID-19. Recipients who click on a link could allow cybercriminals to gain access to their devices, install malware, and steal data, money, and other confidential stuff.