SOCIAL ENGINEERING THREATS RISE AS CYBERCRIMINALS EXPLOIT COVID-19 PANIC AND DISINFORMATION

Mar. 24th, 2020

Cybercriminals are exploiting the fear and uncertainty surrounding COVID-19 events to target people’s critical data or personal assets using sophisticated social engineering tactics.

 

 

Many threat actors are using the epidemic as a spam email theme. In a case out of Japan, threat actors using a thread-hijacking technique ultimately led victims to download.

 

Emotet malware samples: Several emails declaring to be about “safety measures” have also been identified as COVID-19 opportunistic phishing.
 

As organizations are now being forced worldwide into the shelter-in-place paradigm, often without adequate IT support and know-how, the end-user working from home is even more at risk from phishing and other scams camouflaged as corporate or official communications.

 

As critical as cybersecurity technology is to the organization, user awareness programs should be implemented immediately to combat the evolving threat of phishing and other social engineering techniques, especially during this period.