Security News

Because the last thing we want to see is that we all end up so focused on coronavirus-themed scams that we inadvertently create a loophole for those crooks who are carefully sending non-coronavirus scams in the hope of attracting less scrutiny - hiding in plain sight, as it were. If you simply redefine "Nigerian scams" as "Advance fee fraud scams" - in other words, you focus on how they work instead of who may or may not be perpetrating them - you learn how to recognise fraudulent money-up-front schemes in general and protect yourself much better.

Cyberattackers have reached a peak of sending 1.5 million malicious emails per day related to the COVID-19 pandemic over the course of the last three months, according to new research. "We saw a rise in unwanted emails containing embedded URLs using the keywords of 'COVID' or 'corona,' from negligible values in January 2020 to over half a million blocked per day the end-of-March onwards," he wrote in the post.

The National Cyber Security Centre has launched the Suspicious Email Reporting Service: a new email address for reporting scam mails to a government department that might actually do something about it. The cybersecurity service, an offshoot of eavesdropping agency GCHQ, said it has set up an "Automated programme" that will "Immediately test the validity of the site" if one is mentioned in a phishing email.

Over the past week, Google has observed more than 18 million malware and phishing emails related to COVID-19 being sent out every day. On a daily basis, Gmail blocks 100 million phishing emails.

The DHS is partnering with BlueRISC Inc to develop Cloud-based Root-of-Trust technology to keep agency email separate and secure on corporate-owned, personally enabled devices, even when the user operates personal email from the same device. "The EPRIVO Enterprise 2.0 email system ensures the confidentiality of email in transit, in cloud storage at an email service provider, and when stored on the mobile device, providing both physical and cryptographically based protections," said Kris Carver, BlueRISC Technical Director.

Google is striving to block Gmail messages and other content that exploit COVID-19, but there are steps users can take to fight such malware. The popularity of Google Cloud services such as G Suite, Gmail, and Chrome have made their users tempting targets for malware.

Cybercriminals are deploying COVID-19-themed gift card scams, wire transfer scams, and payroll scams aimed at organizations and their employees, according to security provider Trustwave. Phishing emails are a favorite tactic used by scammers to try to convince people to share account credentials, financial information, and other private data.

We've seen a recent surge of concern about sextortion emails over the last few days. A sextortion or porn scam email is where cybercriminals email you out of the blue to claim that they've implanted malware on your computer, and have therefore been able to keep tabs on your online activity.

As US citizens wait for President Trump's final decision about whether quarantine will be over by Easter, malware peddlers have already "Decided": quarantine will be prolonged until August 2020. Researchers with anti-phishing startup Inky have spotted two phishing emails purportedly coming from the White House, "Signed" by President Trump.

The number of COVID-19-themed attacks has increased significantly over the past couple of months, but they represent only a fraction of daily threats, security firms say. At the moment, the tech giant is seeing roughly 60,000 phishing emails that carry COVID-19 related malicious attachments or malicious URLs each day.