- Attackers went as far as impersonating the Office 365 logo and stating that the document has already been scanned for virus and spam content.
- Scammers are using different tactics to get the attention of their victims such as offering to sell Covid-19 tests and other medical supplies such as masks or gloves.
Cybercriminals have been taking advantage of the heightened focus on Covid-19 testing, and the latest Omicron variant has led not only to another spike in Covid-19 cases but also to a spike in phishing attacks.
There has been a 521 per cent rise in Covid test-related scam emails between October 2021 and January 2022.
As some organisations try to get their staff back to the office, they send out updated policies or request information on employees’ vaccination status.
Hackers hijack these conversations, and in one specific example found in Barracuda’s research, cybercriminals impersonated an HR department and shared a file hosted on a phishing site with employees in the hope of stealing their account credentials.
The attackers went as far as impersonating the Office 365 logo and stating that the document has already been scanned for virus and spam content.
Scammers are using different tactics to get the attention of their victims: offering to sell Covid-19 tests and other medical supplies such as masks or gloves; sending fake notifications of unpaid orders for Covid-19 tests, in which they provide a PayPal account for payments to complete the purchase of rapid tests, counting on the desperation of their victims; and impersonating labs, testing providers, or individual employees sharing fake Covid-19 test results.
Evolving tactics
“Capitalising on the chaos of the pandemic is not a new trend in the world of cybercrime. But, with constantly evolving tactics, and new trends to latch on to, it’s easy to see why scammers are not giving up on this trick,” Fleming Shi, CTO for Barracuda Networks, said.
In fact, in March 2020, when Covid-19 started to spread rapidly, Barracuda researchers observed that Covid-related phishing attacks jumped 667 per cent.
Just like the threat of Covid-19, Shi said that pandemic-themed scams are not going to disappear overnight, but fortunately, there are several tactics that businesses and consumers can employ to ensure they remain protected.
“For a start, businesses must leverage sophisticated email security which utilises artificial intelligence to detect and block email attack tactics that are designed to bypass basic gateways and spam filters.
“Providing employees with up-to-date user awareness training about Covid-related phishing, seasonal scams, and other potential threats is also a vital cybercrime prevention method which must be adopted,” he said.
Steps to protect:
- Some email scams include offers to purchase Covid-19 tests, provide information on testing sites with immediate availability, or share test results. Don’t click on links or open attachments in emails that you did not expect, as they are typically malicious.
- Scammers are adapting email tactics to bypass gateways and spam filters, so it’s critical to have a solution that detects and protects against spear-phishing attacks, including brand impersonation, business email compromise and email account takeover. Deploy purpose-built technology that doesn’t rely solely on looking for malicious links or attachments. Using machine learning to analyse normal communication patterns within your organisation allows the solution to spot anomalies that may indicate an attack.
- Don’t just focus on external email messages. Some of the most devastating and successful spear-phishing attacks originate from compromised internal accounts. Be sure scammers aren’t using your organisation as a base camp to launch these attacks. Deploy technology that uses artificial intelligence to recognise when accounts have been compromised and that remediates in real time by alerting users and removing malicious emails sent from compromised accounts.
- Educate your users about spear-phishing attacks. Provide employees with up-to-date user awareness training about Covid-19-related phishing, seasonal scams, and other potential threats. Ensure staffers can recognise the latest attacks and know how to report them to IT right away. Use phishing simulation for email, voicemail, and SMS to train users to identify cyberattacks, test the effectiveness of your training, and evaluate the most vulnerable users.
- All companies should establish and regularly review existing policies, to ensure that personal and financial information is handled properly. Help employees avoid making costly mistakes by creating guidelines and putting procedures in place to confirm all email requests for wire transfers and payment changes. Require in-person or telephone confirmation and/or approval from multiple people for all financial transactions.
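
An added example, not taken from the article or from Barracuda's products: heuristic triage checks for the two lures described above (the fake HR policy email and the unpaid-order notice), combining sender, wording and link signals rather than relying on links alone. The mail domain, link allowlist, patterns and sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumptions for this example: the defender's mail domain and link allowlist.
ORG_DOMAIN = "example.com"
TRUSTED_HOSTS = {"example.com", "sharepoint.example.com"}
INTERNAL_ROLE = re.compile(r"\b(hr|human resources|payroll|it support)\b", re.I)
SCAN_CLAIM = re.compile(r"scanned for (virus|spam)", re.I)
COVID_LURE = re.compile(r"\b(covid|vaccin\w*|rapid tests?|test results?)\b", re.I)
PAYMENT_ASK = re.compile(r"\b(paypal|unpaid order|complete the purchase)\b", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def phishing_signals(raw: str) -> list[str]:
    """Return the names of the heuristics a raw RFC 5322 message trips."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    # Text parts only, without transfer decoding (enough for plain-text samples).
    body = "\n".join(p.get_payload() for p in msg.walk()
                     if p.get_content_maintype() == "text")
    text = f"{msg.get('Subject', '')}\n{body}"
    signals = []
    if INTERNAL_ROLE.search(name) and domain != ORG_DOMAIN:
        signals.append("internal-role display name, external sender")
    if SCAN_CLAIM.search(text):
        signals.append("claims content was pre-scanned")
    hosts = {(urlparse(u).hostname or "").lower() for u in URL.findall(text)}
    if hosts - TRUSTED_HOSTS:
        signals.append("link to host outside allowlist")
    if COVID_LURE.search(text) and PAYMENT_ASK.search(text):
        signals.append("Covid-themed payment request")
    return signals

# Constructed sample messages modelled on the lures the article describes.
SAMPLE_HR = """\
From: "HR Department" <hr-notify@mail-portal.example.net>
Subject: Updated vaccination status policy

Review the policy: https://docs.portal.example.net/policy.html
This document has already been scanned for virus and spam content.
"""
SAMPLE_ORDER = """\
From: "Rapid Test Orders" <orders@tests.example.org>
Subject: Unpaid order for Covid-19 rapid tests

Send payment to our PayPal account to complete the purchase.
"""
```

Each returned signal is a triage hint to weigh alongside the others, so a message from the real HR mailbox linking to an allowlisted host returns an empty list.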