Almost since the start of the coronavirus outbreak, cybercriminals have been exploiting the pandemic to deploy malware in an effort to scam people curious or fearful about the disease. Phishing attacks and phony websites have been two common tactics used by attackers. A report released Wednesday by fraud prevention company Bolster looks at some of the most popular scams seen during the first quarter of 2020.
In its “State of Phishing & Online Fraud” report, Bolster said it found around 4 million suspicious web pages and more than 850,000 confirmed phishing and counterfeit pages over the first quarter. As the coronavirus took hold, around 30 percent of the confirmed phishing and counterfeit pages were related to COVID-19.
As the pandemic ramped up in March, more than 8,000 phishing and counterfeit pages were created during the month. And on March 19 alone, more than 25,000 such pages were devised, a record high for the quarter.
The coronavirus outbreak and the move to remote working have triggered a jump in scams targeting the SaaS (Software as a Service) and healthcare sectors. SaaS and telecoms were the two industries most impacted by phishing scams, followed by finance, retail, and streaming companies.
Popular coronavirus scams
Medical. Among the coronavirus-related scams seen during the quarter, those that touted supposed cures for the virus were among the most popular. For March alone, Bolster discovered more than 102,000 websites related to medical scams. Of those, more than 1,000 were either pretending to sell hydroxychloroquine or were spreading misinformation about this drug as a way to cure COVID-19.
In one example, a low-quality counterfeit online pharmacy purports to sell hydroxychloroquine. Anyone who tries to buy medication is actually redirected to a generic online pharmacy, which will sell you a real and possibly dangerous medication or simply capture your sensitive contact information.
In another example exploiting hydroxychloroquine, a high-quality counterfeit online pharmacy claims to sell the drug. If you try to order and pay for the medication, you’re taken to another fake site that wants to capture your contact information for later use. In one more example of a hydroxychloroquine scam, a website exists to spread misinformation about the drug and its efficacy at treating COVID-19. Such sites either try to drive traffic to fake online pharmacies or collect your contact information.
Financial Stimulus. As businesses and individuals have suffered financially as a result of the coronavirus and the resulting quarantine, the US government has been offering loans and stimulus payments for those affected. Naturally, this has become another area ripe for exploitation by criminals.
Over the first quarter, Bolster found more than 145,000 suspicious domain registrations with the phrase “stimulus check.” The number of websites promising small business loans jumped 130% from February to March. Plus, more than 60,000 fake banking websites were created as a way to siphon off stimulus funds.
Crypto Scams. Cybercriminals have also been creating websites that try to coax people to download suspicious files by pretending to offer downloads for a special COVID-19 cryptocurrency wallet. Crypto scam sites also attempt to force you to create an account to obtain their fake cryptocurrency. The attackers then use your credentials to try to take over your accounts at other websites.
“We anticipate phishing site creation will continue to increase, especially as we proceed further into a COVID-minded world,” Bolster co-founder and CEO Abhishek Dubey said in a press release. “The phishing lures and tactics of cybercriminals will consistently evolve to keep up with the rapidly changing threat landscape, but the underlying credential theft will not. Cybersecurity-conscious organizations will need to work together and leverage (artificial intelligence) AI, automation, and security training to effectively combat phishing and online fraud during this surge and beyond.”