Coronavirus-themed phishing attacks and hacking campaigns are on the rise

Opportunist crooks are exploiting coronavirus as part of their phishing attacks, malware, ransomware and more.
Written by Danny Palmer, Senior Writer

The National Cyber Security Centre (NCSC) is warning that criminals are looking to exploit the spread of coronavirus to conduct cyberattacks and hacking campaigns.

Experts at the NCSC – the cyber arm of GCHQ – have spotted a range of scams and cyber threats that look to take advantage of COVID-19 for their own malicious ends.

Attacks include phishing attacks, credential theft, bitcoin and financial fraud, ransomware campaigns and more.

In many cases, attacks are based around phishing emails containing links or attachments that claim to contain important information about the virus. Once opened, these infect the PC with malware that can be used to exploit the infected victim.

SEE: Cybersecurity: Let's get tactical (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)

The NCSC says it has taken measures to automatically uncover and remove malicious websites run by cyber criminals running coronavirus scams and other malicious activity.

This action comes after what the security agency describes as as an increase in the registration of webpages relating to coronavirus, something the NCSC suspects to be the work of cyber criminals looking to exploit the outbreak.

The agency warns that, as the outbreak intensifies, it's likely that the volume of hacking incidents looking to exploit coronavirus will also rise.

"We know that cyber criminals are opportunistic and will look to exploit people's fears, and this has undoubtedly been the case with the coronavirus outbreak," said Paul Chichester, director of operations at the NCSC.

"Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails."

Guidance offered by the NCSC includes how to spot and deal with suspicious emails and how to mitigate and defend against ransomware attacks.

"In the event that someone does fall victim to a phishing attempt, they should look to report this to Action Fraud as soon as possible," Chichester added.

Coronavirus-related cyberattacks have been identified by cybersecurity researchers at companies around the world.

SEE: Coronavirus: Business and technology in a pandemic

They included a Trickbot trojan malware campaign disguised as medical advice about COVID-19 as detailed by Sophos, while researchers at Proofpoint have also identified a number of coronavirus-themed hacking campaigns that install malware including EmotetNanoCore and Azorult.

Security researchers have also warned that state-sponsored hacking campaigns are also beginning to use coronavirus as lures in attacks.

The World Health Organisation (WHO) and the US Federal Trade Commission have both also warned about scammers spreading coronavirus-related phishing attacks via email and social media.


Editorial standards