Cyber Crime in current world health crisis of “Corona” pandemic is no exception for cyber criminals:-
- Cyberthreats are constantly evolving taking advantage of online behaviour and trends. Cybercriminals are attacking the computer networks and systems of individuals, businesses and even global organisations at a time when cyber defences are reduced due to the shift of focus to the current health crisis.
- There is an increase in cyber-attacks on computers, routers and unprotected home networks used by employees who have switched to remote working due to spread of COVID19
- Cyber Criminals are exploiting the COVID19 outbreak as an opportunity to send phishing mails claiming to have important updates or encouraging donations, impersonating trust worthy organisations.
- With most of the employees working from home, enterprise VPN servers have become paramount to organisations backbone, and their security and availability, must be the focus going forward for IT Teams. It’s important that VPN’s are patched and up to date
- These cyber criminals are use common phishing tactics to steal the data, identity, money from individuals and compromise servers from organisations. Since they are midst of the world health crisis and cannot afford to be locked out of their systems, the criminals believe they are likely to pay, few types of attacks they chose are
- Malicious Website: Many listed domains on the Internet that contain the terms: “coronavirus”, “corona-virus”, “covid19” and “covid-19”.
- Malware: Malware, Spyware and Trojans have been found implanted in interactive coronavirus maps and websites. Spam emails are also deceiving users into clicking on links which download malware to their computers or mobile devices.
- Ransomware: The ransomware can enter their systems through emails comprising infected links or attachments, compromised employee credentials, or by manipulating a vulnerability in the system.
Some of the most important subjects, cyber criminals are using are:-
- The Mask that can prevent Coronavirus now
- How to protect your body from COVID-19
- COVID-19 Solidarity Response Fund for WHO – DONATE NOW
- Coronavirus is spreading, this specialised mask can control it
- PMCARE@SBI / PMCAR@SBI, While the correct one is PMCARES@SBI
- CORONAVIRUS ALERT: FREE Breathing Masks For USA
- Prevention and treatment of Corona Virus
- Fight COVID19 together! Don’t Give Up!
- HDFC EMI Update – Chose the Option
- COVID-19 VACCINE UPDATE
- This can protect you from the Corona Virus
- Feeling Helpless Against Corona?
- COVID-19 Response Fund
Advisory for “CERT – Computer Emergency Response Team”:-
Many organisations have allowed all their employees to work from home to stop the spread of corona virus and they are using various videos conferencing tools for their webinars and office meetings, CERT has identified few vulnerabilities in few of the tools and they are as list below , For more information please log on to www.cert-in.org.in
- Zoom Video Conferencing System – CIAD-2020-0010
- Zoho Video Conferencing System – CIAD-2020-0054
COVID19 – Cyber Crimes Reported in India:-
- PMCARES@SBI is the right UPI Handle, Fraudsters have create similar impersonating handles like PMCARE@SBI, PMCAR@SBI to steal money from public.
- Phishing Emails – Spoofed Email for EMI Moratoriums from Banks
- Phishing Emails – Impersonated Charity Organisation Seeking Donations
Tips to avoid COVID19 Cyber Crimes:-
- Do not to click or any unknown emails / attachments / links / maps, mentioning COVID19 – Scammers are using Phishing Tactics in the name of Charity, Help Desks, Maps & Selling Masks, just to steel your identity or money from you.
- Back up all your important files, and store them independently from your system (e.g. in the cloud, on an external drive);
- Always verify you are on a company’s legitimate website before entering login details or sensitive information.
- Allow remote access to the organisations network strictly with multi-factor authentication.
- Office Administrators must be advised to apply strict application whitelisting, blocking unused ports, turning off unused services, and monitoring outgoing traffic to prevent infections from occurring.
- Ensure you have the latest anti-virus and malware software installed on your computer and mobile devices;
- Office Administrators must consider Mobile Device Management (MDM) and Mobile Application Management (MAM). These tools can allow organisations to remotely implement no of security measures, including data encryption, malware scans and wiping data on stolen devices
- Check the availability and duration of the remote login user actions. Ensure that remote sessions automatically time out for a particular time period of inactivity and that they require re-authentication to gain access.
- Download mobile applications or any other software from trusted platforms only;
- Perform regular health scans on your computers or mobile devices.
- Regularly check and update the privacy settings on your social media accounts;
- Update your passwords and ensure they strong (a mix of uppercase, lowercase, numbers and special characters)
- Change the default passwords of routers and internet service providers