Security News

The National Cyber Security Centre has launched the Suspicious Email Reporting Service: a new email address for reporting scam mails to a government department that might actually do something about it. The cybersecurity service, an offshoot of eavesdropping agency GCHQ, said it has set up an "Automated programme" that will "Immediately test the validity of the site" if one is mentioned in a phishing email.

Over the past week, Google has observed more than 18 million malware and phishing emails related to COVID-19 being sent out every day. On a daily basis, Gmail blocks 100 million phishing emails.

The DHS is partnering with BlueRISC Inc to develop Cloud-based Root-of-Trust technology to keep agency email separate and secure on corporate-owned, personally enabled devices, even when the user operates personal email from the same device. "The EPRIVO Enterprise 2.0 email system ensures the confidentiality of email in transit, in cloud storage at an email service provider, and when stored on the mobile device, providing both physical and cryptographically based protections," said Kris Carver, BlueRISC Technical Director.

Google is striving to block Gmail messages and other content that exploit COVID-19, but there are steps users can take to fight such malware. The popularity of Google Cloud services such as G Suite, Gmail, and Chrome have made their users tempting targets for malware.

Cybercriminals are deploying COVID-19-themed gift card scams, wire transfer scams, and payroll scams aimed at organizations and their employees, according to security provider Trustwave. Phishing emails are a favorite tactic used by scammers to try to convince people to share account credentials, financial information, and other private data.

We've seen a recent surge of concern about sextortion emails over the last few days. A sextortion or porn scam email is where cybercriminals email you out of the blue to claim that they've implanted malware on your computer, and have therefore been able to keep tabs on your online activity.

As US citizens wait for President Trump's final decision about whether quarantine will be over by Easter, malware peddlers have already "Decided": quarantine will be prolonged until August 2020. Researchers with anti-phishing startup Inky have spotted two phishing emails purportedly coming from the White House, "Signed" by President Trump.

The number of COVID-19-themed attacks has increased significantly over the past couple of months, but they represent only a fraction of daily threats, security firms say. At the moment, the tech giant is seeing roughly 60,000 phishing emails that carry COVID-19 related malicious attachments or malicious URLs each day.

The phishing emails led to malicious websites that used the same HTML and CSS found in actual White House sites, says email security provider INKY. Phishing emails and their associated websites often impersonate well-known organizations, brands, businesses, and other familiar subjects to try to trap potential victims. A series of recent phishing emails examined by INKY targeted people curious or anxious about COVID-19 by impersonating the White House and some in the administration.

IRONSCALES, the pioneer of self-learning email security, announced that Themis, its AI-driven virtual security analyst, now has the ability to be fully autonomous in the classification and removal of email threats. Security analysts can now measurably increase the speed and accuracy of their email security by allowing Themis to make time-sensitive decisions on email threat mitigation without any human involvement.