Coronavirus Scam Is the Newest Phishing Attack | Total Security Software

With record growth of more than 351% in Brazil alone, phishing has also generated more than the US $ 12.6 billion in attacks on corporate e-mails globally.

As the fear of the coronavirus continues to spread around the world, cybercriminals take advantage of the topic to send phishing emails using a variety of tactics and a wide range of targets.

Some phishing campaigns are incorporating fake domains designed to look like the US Centers for Disease Control and Prevention and the World Health Organization (WHO).

Phishing is one of the most common and effective methods of getting information from careless users, and cybercriminals know it. The method is simple, low-tech, and exploits human emotions, such as fear, to trick innocent users and trick them into clicking malicious links.

In 2020, the number of phishing pages in Brazil had a record growth of more than 231%. In addition to activities in this pattern and leakage of credentials (emails with a password) and credit cards, the number of leaked passwords from organizations with .br domains is notorious: 23.6 million unique credentials were detected, with "123456" being the most common password with 37.65 million detections in the world.

Since 2013, more than $ 12.6 billion has been stolen through global corporate email losses, known as "CEO fraud"; in 2018 approximately $5,000 worth of scams reported by one in 10 consumers, 190% of phishing attacks against social network users, and 66% of malware installed via malicious email attachments, purchase orders, fake payments, invoices, and receipts.

Phishing has many forms, but below are the most common:

• Mass phishing is the predominant form. Hackers send thousands of fraudulent messages to a large user base, aiming for quantity above quality. Mass phishing can capture significant amounts of information, even if only a small percentage of recipients fall for the scam.
• The spear-phishing targets a specific person or function in the company. Cybercriminals research and analyze their victims, gathering personal data on social media before orchestrating the attack. Typically, spear phishing is used as a first step in gaining access to corporate resources, networks, and more.
• The hijacking DNS is very difficult to detect. The domain name service of normally unsafe home routers is hacked to redirect traffic to carefully created phishing website IP addresses. Unsuspecting users type the domain address into their browsers and hand over their credentials. A DNS hack like this occurred with Itau and Banco do Brasil in 2018.
• Finally, so-called Tech support scams are a particularly harmful form of phishing for operators. Phishers impersonate operators and ask customers for account credentials or try to sell fake technical support services and steal credit card details. These scams can damage the reputation of companies and tarnish the image of brands, for example.

When you look at the path a phishing attack takes, there are two very clear scenarios in which malicious behavior can be mitigated. The first situation is based on Endpoint Security agents that continuously scan and block malicious messages, but it is up to users to install and update the total security software.

The effectiveness of this type of solution is beyond the control of operators and has extremely low adoption rates. In the ideal scenario, operators can protect customers who become victims by clicking on malicious links with a network-based security solution.

These solutions do not require users to take any action and offer opportunities for engagement and high adoption. By embracing the burden of protection and educating customers, operators can help reduce the incidence of cybercrime and make the Internet a safer place for consumers.

Unfortunately, it seems that such an initiative on the part of operators has not been taking place, given the enormous growth of these types of attacks. It seems that we are in yet another case of the good old "each for himself and God for all". It shouldn't be like that, but it is.