Connect with us

Hi, what are you looking for?

HEADLINES

Kaspersky urges companies to beef up cybersecurity as more employees work remotely

Along with the consistent increase of 2019 coronavirus cases comes the incessant techniques cybercriminals are using to prey on public panic amidst the global epidemic. Kaspersky has continuously been detecting new attack tools being used by malicious threat actors related to COVID-19.

Photo by Taskin Ashiq from Unsplash.com

Along with the consistent increase of 2019 coronavirus cases comes the incessant techniques cybercriminals are using to prey on public panic amidst the global epidemic. Kaspersky has continuously been detecting new attack tools being used by malicious threat actors related to COVID-19. 

During the first week of February, the global cybersecurity company has since warned the public about malicious pdf, mp4 and docx files disguised as documents relating to the then newly-discovered coronavirus. A week after, experts unmasked phishing emails sent to individuals concerned about the virus. To make it more believable, cybercriminals used the Centers for Disease Control and Prevention, which is a real organization in the United States as the source of an email with recommendations about the coronavirus.

C:\Users\gonzales_r\AppData\Local\Microsoft\Windows\INetCache\Content.Word\coronavirus-phishing-scr1.png

Coronavirus phishing e-mails appear to come from the Centers for Disease Control and Prevention (CDC)

The email looks legitimate initially until you click the convincing domain, cdc-gov.org, and find yourself to an Outlook log-in page, a phishing page is meant to steal email credentials.

Most recently, Kaspersky also detected emails offering products such as masks, and then the topic became more commonly used in Nigerian spam emails. Researchers also found scam emails with phishing links and malicious attachments. 

Advertisement. Scroll to continue reading.

One of the latest spam campaigns mimics the World Health Organization (WHO), showing how cybercriminals recognize and are capitalizing on the important role WHO has in providing trustworthy information about the coronavirus. 

Users receive emails allegedly from WHO, which supposedly offer information about safety measures to be taken to avoid infection. Once a user clicks on the link embedded in the email, they are redirected to a phishing website and prompted to share personal information, which ends up in the hands of cybercriminals. 

This scam looks more realistic than other examples Kaspersky experts have seen lately, such as alleged donations from the World Bank or IMF for anyone who needs a loan.

An email allegedly from WHO leads to a phishing website that gathers victims’ personal data

Kaspersky detection technologies have also found malicious files disguised as documents related to the virus. The malicious files were masked under the guise of pdf, mp4 and docx files about the coronavirus. The names of files imply that they contain video instructions on how to protect yourself from the virus, updates on the threat and even virus detection procedures, which is not actually the case. In fact, these files contained a range of threats, from Trojans to worms, which are capable of destroying, blocking, modifying or copying data, as well as interfering with the operation of computers or computer networks. 

Some malicious files are spread via email. For example, an Excel file distributed via email under the guise of a list of coronavirus victims allegedly sent from the World Health Organization (WHO) was, in fact, a Trojan-Downloader, which secretly downloads and installs another malicious file. This second file was a Trojan-Spy designed to gather various data, including passwords, from the infected device and send it to the attacker.

Advertisement. Scroll to continue reading.

An infected Excel file was attached in the email that allegedly included information about the victims of coronavirus

“While medical experts are rushing to find a cure against coronavirus, it is clear that cybercriminals are equally busy trying new techniques and tactics to milk money on organizations and individuals by exploiting the public panic on this current epidemic. Our detections in the APAC region is just the tip of the iceberg. We urge everyone to keep calm but be very cautious at the same time,” comments Stephan Neumeier, Managing Director for Asia Pacific at Kaspersky.

In APAC, Kaspersky has detected 93 coronavirus-related malware in Bangladesh, 53 in the Philippines, 40 in China, 23 in Vietnam, 22 in India and 20 in Malaysia. Single-digit detections were monitored in Singapore, Japan, Indonesia, Hong Kong, Myanmar, and Thailand.

“We would encourage companies to be particularly vigilant at this time, and ensure employees who are working at home exercise caution. Businesses should communicate clearly with workers to ensure they are aware of the risks, and do everything they can to secure remote access for those self-isolating or working from home,” comments David Emm, principal security researcher, Kaspersky.

“It is a known fact that once devices are taken outside of a company’s network infrastructure and are connected to new networks and WIFI, the risks to corporate information increase. It is high time that we boost not only our physical immunity but also our networks’ security against these damaging attacks,” adds Neumeier.

There are a number of steps that can be taken to reduce the cyber-risks associated with home working. Kaspersky advises the following:

Advertisement. Scroll to continue reading.
  1. Provide a VPN for staff to connect securely to the corporate network
  2. All corporate devices – including mobiles and laptops – should be protected with appropriate security software, including mobile devices (e.g. allowing data to be wiped from devices that are reported lost or stolen, segregating personal and work data, along with restricting which apps can be installed)
  3. Always implement the latest updates to operating systems and apps
  4. Restrict the access rights of people connecting to the corporate network
  5. Ensure that staff are aware of the dangers of responding to unsolicited messages
  6. Employ training and activities which will educate employees about cybersecurity basics, for example, to not open or store files from unknown emails or websites as they could be harmful to the whole company
  7. Enforce use of legitimate software, downloaded from official sources.
  8. Make backups of essential data and regularly update IT equipment and applications to avoid unpatched vulnerabilities that can become a reason of a breach

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

Some of the most common online transactions include paying bills, making online purchases, and conducting banking activities. With the convenience of digital platforms, people...

HEADLINES

By adding random user data to the database or using a fake QR code, a nefarious actor can easily bypass the verification process and...

HEADLINES

During Sophos X-Ops' investigation, which began in 2023, the managed detection and response (MDR) team found three distinct clusters of activity targeting the same...

HEADLINES

Customers can now choose one of three product tiers tailored to their business requirements, the complexity of their IT infrastructure, and their available resources

HEADLINES

Fraudsters have been spreading fake links on social media, enticing mobile users to register. Once clicked, these fake URLs lead to blogs filled with...

HEADLINES

With this new capability, users will now get an “[Item] Found Moving With You” alert on their device if an unknown Bluetooth tracking device...

APPS

Today, the App Store stands at the forefront of app distribution, setting the standard for security, reliability, and user experience.

HEADLINES

Kaspersky has detected and blocked over 13 million web threats from its security solutions for businesses in Southeast Asia (SEA). Historical data from the...

Advertisement