A recent study from IBM X-Force reveals that coronavirus-themed spam has increased 14,000% in the past 14 days
IBM X-Force, the threat intelligence group, has reported a large volume of spam related to coronavirus (COVID-19) in its study. According to the report, coronavirus-themed spam has increased by 4,300% since the pandemic hit in February. Moreover, in the past 14 days, spam has spiked by 14,000%.
Cyber-attackers and hackers across the globe are taking advantage of the COVID-19 outbreak to send people phishing emails, spam, and malware. Some of the cybercriminals are targeting small businesses looking for government relief, while others are using ransomware, threatening the health and safety of users in the case of non-payment. Some hackers are impersonating groups like the World Health Organization (WHO), promising information on COVID-19 but instead delivering malware.
In the case of small business relief spam, cybercriminals are sending emails claiming to be from the U.S. Small Business Administration, with an attachment purporting to be an application for disaster assistance. The malicious file attachment executes the Remcos malware that installs a Remote Access Trojan (RAT). Over the past few days, high-volume spam attacks have been threatening to infect the recipient with COVID-19 if they fail to pay a ransom. The cybercriminal demands $500 in Bitcoin and tells recipients that otherwise they risk being infected with the virus in 72 hours. Emails appear to be sent from the victim’s account; in some cases, most of the emails are being sent from IP addresses in East Asia, particularly Vietnam.
Last month, a separate report from Kaspersky and Sophos found phishing emails from hackers pretending to be from the Centers for Disease Control and Prevention and the World Health Organization. These emails attempt to steal email credentials and other information.
IBM X-Force has offered some recommendations for staying safe from these spam and ransomware attacks:
- Don’t click or open links in emails directly. Type in the main URL in the browser via a preferred search engine.
- Make sure to update anti-virus software on your personal and office devices.
- Search for existing signs of the Indicators of Compromise (IOCs) in your environment.
- Block all URL and IP-based IOCs at the firewall, intrusion detection system, web gateways, and routers to remediate this threat.
- Run applications and operating systems at the current released patch level.