Some organizations suffered during the pandemic and others thrived. Among those that flourished in the disrupted environment were cybercriminals groups.
According to a new report from cybersecurity firm F-Secure, there was a “significant increase” in malicious emails that used Covid-19 as a theme during the spring, as the virus spread across the globe.
The emails themes varied greatly, from fake PPE orders to websites promising new information about the disease. The goal was to trick concerned victims into exposing their personal (and often financial) data to the fraudsters.
Three in four of these emails contained malicious attachments called infostealers, which scrape data for use in subsequent attacks or financial fraud.
“Cybercriminals don’t have many operational constraints, so they can quickly respond to breaking events and incorporate them into their campaigns. The earliest days of the Covid-19 outbreak left a lot of people confused or worried, and attackers predictably tried to prey on their anxieties,” said Calvin Gan of F-Secure’s Tactical Defense Unit.
“Spotting malicious emails isn’t typically a priority for busy employees, which is why attackers frequently attempt to trick them into compromising organizations.”
F-Secure claims finance was the most frequently spoofed industry, with Facebook the most frequently imitated company.
Infostealers, meanwhile, were the most common type of malware spread via email, and Lokibot the most common malware family.
Although criminals have used a whole arsenal of different weapons during the pandemic, email remains the most popular, accounting for more than half of all infection attempts.