Report: Cyber Criminal Activity Increasing During Pandemic

file photo
file photo

Published May 6, 2020 5:07 PM by The Maritime Executive

Email and data security company, Mimecast, has released a report on The First 100 Days of Coronavirus – which shows transportation, storage and delivery is the third-most attacked industry globally by cyber criminals since the emergence of the COVID-19 virus, behind the retail and manufacturing industries.

Increases in coronavirus-related spam and impersonation attack campaigns are exploiting the vulnerability of users working at home, taking advantage of their desire for information about the coronavirus pandemic to entice them to click on unsafe links, states the report. Traditional fraudsters are also using spam to offer fake or non-existent goods such as protective masks or COVID-19 cures.

The Mimecast Threat Intelligence team analyzed trends in activity over the first 100 days of the pandemic. The monthly volume of all the detection categories reviewed increased by 33 percent between January and the end of March 2020:

• Spam/opportunistic detections increased by 26.3 percent
• Impersonation detections increased by 30.3 percent
• Malware detections increased by 35.16 percent
• Blocking of URL clicks increased by 55.8 percent

Mimecast has observed some 60,000+ COVID-19-related registered spoof domains since early January 2020. The retail industry was the hardest hit, and researchers detail the proliferation of domain spoofing of major retail brand websites – like Walmart – in attempts to steal from unsuspecting panic-buyers as they look to purchase necessities online.

The report makes recommendations for secure remote working:

• Update home WiFi with a strong password
• Never click on COVID-19 related attachments received outside your trusted perimeter
• Double-check links – if suspicious, do not click!
• Ensure the links go to the correct domain
• Update usernames and passwords on trusted sites only
• Do not use personal devices at home to access organization networks, data, or emails.

The report is available here.