Cyber criminals go phishing using Coronavirus outbreak to swipe data

Cyber criminals are impersonating the World Health Organisation (WHO) in a bid to exploit the global panic over the Coronavirus by swiping money and sensitive data.

WHO released an alert advising customers on how to identify these scams stating that it was aware of the phishing emails.

The emails appear to be from WHO and ask users for sensitive information such as usernames and passwords, to click a link that is malicious or open a malicious attachment.

Google is working with WHO to provide vital information, keep up to date with the Coronavirus and when it is searched for online.

It urged users to verify the email sender’s authenticity before responding by contacting WHO directly.

Going phishing

Tom Bennett, Cyber Incident Specialist at CFC, told Insurance Times that its policies would certainly cover ransomware attacks that were started using this type of phishing attack.

“In fact, we’ve had experience with this variant of ransomware – spread primarily through email, it’s the same as one we’ve seen affecting some of our customers over holiday periods, infecting computers by enticing recipients to download Christmas messages.

“Cybercriminals are always on the lookout for new ways to exploit people - whether it is people’s concern about a global epidemic or their desire to see if their data was compromised in the latest large-scale data breach.

”But this kind of opportunistic behaviour is well-known and really a permanent cyber risk, with cybercriminals shifting tactics as and when news emerges that they feel like they can profit from.

“With the growing volume and sophistication of phishing scams, ransomware and the like, it’s really important that brokers understand the proper practices to stay safe online not only to protect their own business, but to also communicate these to their clients.”

Opportunistic

Meanwhile Stephen Ridley, cyber underwriting manager at Hiscox, told Insurance Times that this type of attack is “nothing unusual”.

“Criminals will always look for opportunities to strike at the right moment. They will always use key incidents to drive their email traffic. It is just the latest in a string of things we have seen.”

In terms of mitigating this risk, Ridley advised clients to implement multi-factor authentication on their online accounts particularly email accounts, as well as making sure software is up to date.

A multi-factor authentication is a security system that uses more than one authentication method from independent categories of credentials to verify a user’s identity such as a password and a pin number.

“With these attacks they [cyber criminals] are trying to harvest credentials such as people’s emails addresses and passwords.

”In this case maybe delivering ransomware or some other malicious software,” he said.

“They can use that email to gain access to systems, particularly business systems – and try to access either financial data or personal data which they can sell or leverage on the dark web,” he said.

Indiscriminate

“Phishing emails are indiscriminate in nature,”  Ridley said.

This is because hackers send this email to as many people possible in the hope that someone opens it or clicks the link in it.

“The biggest warning is that you cannot trust any email, be ultra-careful,” he added.

Education

Ridley advised people to check whether emails looked officials and encouraged them to double check with the organisation by contacting them directly through the company website.

But he warned that not all phishing attacks are not instant as some hackers “lurk surreptitiously”.

When asked what the insurance industry can learn from phishing attacks such as this, Ridley concluded that it was important that customers need to continuously educate on this so that risks are highlighted to them. As well as passing this education on to staff to understand how to spot a phishing email.