Pandemic-themed threats are constantly being tweaked to leverage the latest scares, anxieties and control measures. One firm reports its Omicron-linked findings.
In an analysis of its user base data between October 2021 and January 2022, researchers from one cybersecurity firm registered a 521% increase in cyberattacks, coinciding with a worldwide increase in demand for COVID-19 infection testing due to the emergence of the Omicron variant.
This surge has been associated to phishing attacks leverage the high demand for ‘COVID testing’ arising from uncertainties about the new virus variant.
According to the analysis by Barracuda, the trend shows that cybercriminals are using a variety of tactics to get the attention of their victims by taking advantage of their desperation and anxiety. Tactics include sending fake notifications of unpaid orders for COVID-19 tests, where the cybercriminal will provide a PayPal account for receiving of payments to complete purchase of rapid tests; and the impersonating of lab personnel or testing providers to share fake COVID-19 test results.
The firm first noted the link in phishing surges back in March 2020, when the SARS-CoV2 coronavirus was starting to spread rapidly. Its researchers had then observed that phishing attacks linked to the anxieties about the outbreak had jumped 667%. Similarly, when vaccination programs started to roll out at the start of 2021, a new wave of vaccine-related email threats was recorded in the firm’s user base.
According to the firm’s Systems Engineer Manager for the region, Mark Lukie: “Capitalizing on the chaos of the pandemic is not a new trend in the world of cybercrime. But, with constantly evolving tactics, and new trends to take advantage of, it’s easy to see why cybercriminals continue to exploit the situation.”
Lukie noted that pandemic-themed scams are not going to disappear overnight, and suggested that organizations step up employee cyber awareness training, establishing and reviewing fraud detection policies, employing AI-driven email security, and ensuring proper handling of personal and financial information.
