Coronavirus and Cyberattacks

Fraud attacks are now on the rise, with malicious actors launching targeted phishing and malware attacks, capitalizing on the Coronavirus pandemic. Having a strong cybersecurity strategy in place has never been more critical.

The COVID-19 (Coronavirus) pandemic has been challenging for organizations across the globe. Cybercriminals are taking advantage of these uncertain times to launch new attacks. Specifically, phishing attacks have been on the rise. Organizations reaching out to customers providing Coronavirus updates have become an opportunity for fraudsters to send impersonating emails, which may contain harmful attachments or links to malicious sites that aim to harvest sensitive customer credentials.

For example, recent attacks include:

Distributed through phishing emails and malvertising, cybercriminals launched a fake map impersonating John's Hopkins University's Coronavirus dashboard, which contained updates about the virus. Unknowingly to everyone who clicked, the fake map contained a type of spyware that steals usernames, passwords, credit card numbers and other data stored in browsers.

Another phishing campaign had fraudsters posing as the US Centers for Disease Control (CDC) encouraging users to click on a link that contained details about new cases of Coronavirus. The link redirected to a fake website, where these individuals were asked to enter their username and password.

As an organization navigating these difficult times, controlling what you can is key. But it’s impossible to control what your customers access and download, and whether they login to your website from a malware-infected device.

The first thing to know is that most fraud attacks go through a lifecycle. They typically begin with phishing or some type of outreach to customers, followed by malware or threats at the device level, and then account takeovers. The best way to address fraud is to implement the right solutions that protect against targeted attacks.

Here are three solutions you should have in place right now to protect your customers:

• Having an anti-phishing solution is the first and most critical step in this threat environment. This solution should inform you of phishing sites, remove them, and report the impact. Being able to identify which of your customers was targeted and potentially compromised is extremely useful when mitigating threats.

• Website injection monitoring is also helpful. Website injections aim to compromise sensitive information such as usernames, passwords, credit card information, and other personally identifiable information. A proper monitoring solution is invaluable, as it should be able to detect when malware has been injected into your website, immediately inform you that the site has been affected, as well as which customers have been compromised. In today’s climate, with all the links and harmful attacks circulating, the chances of fraudsters launching targeted web injection attacks are high.

• Finally, multifactor authentication (MFA) is incredibly useful. The threat of compromised accounts can be greatly reduced by implementing strong MFA, as opposed to a username/password model. Implementing facial biometrics, or another type of step-up authentication, can help prevent account takeovers, even if the device has been infected with malware.

It’s important to stay vigilant and protect your organization amongst the uncertainty that comes with cyberattacks in the age of Coronavirus. Appgate’s Digital Threat Protection (DTP) suite of products can help to proactively detect, isolate and mitigate cyberthreats like phishing, pharming, and malicious social media impersonation.

We are committed to supporting our community, helping organizations reduce the threat of cyberattacks, and keeping customers safe during these challenging times.