U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

COVID-19 themed attacks increase in Brazil, India, and UK

Threat actors continue to use COVID-19 lures, Google is reporting an increase in Coronavirus-themed phishing attempts in Brazil, India, and the UK. While Coronavirus spreads on a global scale, threat actors continues to use COVID-19 lures, in April Google announced that the Gmail malware scanners have blocked around 18 million phishing and malware emails using […]

COVID-19

Threat actors continue to use COVID-19 lures, Google is reporting an increase in Coronavirus-themed phishing attempts in Brazil, India, and the UK.

While Coronavirus spreads on a global scale, threat actors continues to use COVID-19 lures, in April Google announced that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week.

The IT giant also announced to have blocked more than 240 million spam messages related to the ongoing Coronavirus pandemic.

Google also revealed that hackers are also attempting to impersonate government authorities and healthcare organizations, including the WHO, to trick victims that are in smart working.

The malware scanners implemented by Google are able to block over 99.9% of all spam, phishing, and malware messages sent to Gmail users.

Attackers behind these phishing campaigns that take advantage of the COVID-19 outbreak have been using both financial and fear-inducing baits to make their targets respond to their requests.

Now Google reported a significant increase in COVID-19 themed attacks (malware, phishing, and spam emails) in countries that are facing a major crisis due to the ongoing pandemic, such as Brazil, India, and the UK.

“As COVID-19 attacks continue to evolve, over the past month we’ve seen the emergence of regional hotspots and threats.” reads the post published by Google.

“Specifically, we’ve been seeing COVID-19-related malware, phishing, and spam emails rising in India, Brazil, and the UK. These attacks and scams use regionally relevant lures, financial incentives, and fear to create urgency and entice users to respond.”

For example, the tech giant observed an increase in the number of scams targeting Aarogya Setu, an initiative where the Indian government is trying to connect people across the country with essential health services. Experts are also seeing an increase in the number of attacks masquerading as COVID-19 symptom tracking along phishing scams targeting insurance companies because people are looking to buy health insurance.

In the UK hackers are imitating government institutions to try to gain access to personal information using government measures to help businesses as lures.

In some COVID-19 themed attacks, threat actors also attempted to imitate Google.

In Brazil, threat actors are increasingly targeting streaming services, which are becoming more and more popular in the country due to the Coronavirus outbreak.

“We’ve put proactive monitoring in place for COVID-19-related malware and phishing across our systems and workflows. In many cases, however, these threats are not new—rather, they’re existing malware campaigns that have simply been updated to exploit the heightened attention on COVID-19.” Google concludes.

“These protections, newly developed and already existing, have allowed us to react quickly and effectively to COVID-19-related threats, and will allow us to adapt quickly to new ones.” Google notes.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Coronavirus, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]