Security News

Cyber-threats taking advantage of the COVID-19 pandemic are evolving, and Google is seeing an increase in related phishing attempts in countries such as Brazil, India, and the UK. As the coronavirus crisis spreads worldwide, cyber-criminals and state-sponsored actors have adapted their attacks to leverage pandemic-related lures. Google says it has observed an increase in the number of scams targeting Aarogya Setu, an initiative where the government is trying to connect people across India with essential health services.

Researchers are warning of an ongoing phishing attack that's targeting the credentials of more than 100 high-profile executives at a German multinational corporation that's tasked with procuring coronavirus medical gear for Germany. The company, left unnamed by researchers, is part of a task force created March 30 by the German government and the private sector to procure personal protective equipment for healthcare workers on the front lines of COVID-19, such as face masks and medical equipment.

Google's threat analysts have identified state-level attacks from China. I hope both campaigns are working under the assumption that everything they say and do will be dumped on the Internet before the election.

There was a 37 percent increase worldwide in enterprise mobile phishing encounter rate between the fourth quarter of 2019 and the first quarter of 2020, according to Lookout. The report also shows that unmitigated mobile phishing threats could cost organizations with 10,000 mobile devices as much as $35 million per incident, and up to $150 million for organizations with 50,000 mobile devices.

With the U.S. presidential election months away, advanced persistent threat groups are targeting the campaign staffers of both Donald Trump and Joe Biden in recent phishing attacks. A China-linked APT group targeted Biden's campaign staff, while an Iran-linked APT targeted Trump's.

College Park, MD-based phish prevention firm INKY has raised $20 million in a Series B funding round led by Insight Partners. The firm brings artificial intelligence in the form of machine learning and computer vision technology to the recognition and handling of phishing emails.

A phishing email claims to send the recipient to a VPN configuration page for home access but instead leads them to a credential-stealing site, said Abnormal Security. Cybercriminals have been keen to exploit COVID-19 to create coronavirus-related malicious apps, phony websites, and phishing emails.

Encounter rates for enterprise mobile phishing increased 37 percent between the last quarter of 2019 and the first quarter of 2020, from around 16 percent to 22 percent. The Mobile Phishing Spotlight Report from Lookout highlights how threat actors have shifted their tactics to take advantage of the evolving move from the physical to mobile or home office in the wake of the COVID-19 pandemic, which forced many companies to order their employees to work from home and use mobile devices as part of their every-day productivity.

Mobile phishing is on the rise according to a new study from cybersecurity company Lookout, which found a 37% increase in enterprise mobile phishing in the first quarter of 2020. According to data collected by Lookout researchers, unmitigated mobile phishing threats could cost organizations with 10,000 mobile devices as much as $35 million per incident, and up to $150 million for organizations with 50,000 mobile devices.

The campaign impersonates Zoom emails, but steals the Microsoft account credentials of its victims, says security firm Abnormal Security.