Updated: Jun 30, 2022
Pandemic: A new opportunity for fraudsters
In the past year, the pandemic has massively changed the ways we work, bank, and shop through digitalisation. But with increasing shifts towards digitalisation during the pandemic, it has created new opportunities for the fraudsters to get sensitive and private information of users.
Fraudsters are rapidly evolving and expanding their attacks, taking advantage of the panic and confusion generated by COVID-19's chaotic social and economic situation.
People all over the world are becoming more reliant on the internet, which is opening up new doors for many fraudsters as companies and individuals are not keeping their cyber defences up to date.
According to estimates, phishing is the most popular attack tool, accounting for 43 percent of all attacks carried out by fraudsters in the last quarter. Brand bullying accounted for 35% of their assaults, up 13% from the previous quarter. Based on these two forms of threats, it's obvious that scammers are constantly looking for new ways to infiltrate our professional and personal lives by sending carefully designed messages that seem to be from trusted brands or manipulate pandemic-themed events and needs.
Types of cyber frauds:
According to a report by INTERPOL, some of the key assessment of the cybercrime landscape in relation to the COVID-19 pandemic include:
Disruptive Malware (Ransomware and DDoS) - Because of the opportunity for high impact and financial gain, cybercriminals are constantly using malicious malware against sensitive infrastructure and healthcare organizations. Multiple threat organizations that had been largely inactive for a few months, launched a wave of ransomware attacks in the first two weeks of April 2020. According to law enforcement investigations, the majority of criminals measured the maximum amount of ransom they could seek from targeted organizations.
Misinformation - Misinformation and false news are circulating at an alarming rate among the general population. Unverified intelligence, a lack of understanding of risks, and conspiracy theories have both led to community fear and, in some situations, aided the execution of cyberattacks.
Malicious Domains - Cybercriminals have been acquiring domain names containing keywords such as "coronavirus" or "COVID" to take advantage of the increased demand for medical supplies and information on COVID-19. These phony websites are used to support a wide range of malicious operations, such as C2 servers, malware distribution, and phishing. Between February and March 2020, there was a 569 percent increase in malicious registrations, such as ransomware and phishing, and a 788 percent increase in high-risk registrations. and reported to INTERPOL by a private sector partner.
Data Harvesting Malware - Cybercriminals are increasingly using data mining malware such as Remote Access Trojan, knowledge stealers, ransomware, and banking Trojans. Cybercriminals penetrate systems using COVID-19-related knowledge as bait to access networks, steal data, redirect resources, and create botnets.
Phishing and Online Scams: The regular web scams and phishing schemes have been modified by malicious attackers. Cybercriminals leverage COVID-19-themed phishing emails to entice victims into providing sensitive information and uploading harmful material by spoofing government and health officials.
What do stats say:
Statistics say that there has been a massive increase in cyber frauds in the last year. Let’s look at some of those:-
According to the FBI, the number of cyberattack reports received by their Cyber Division has increased to as much as 4,000 a day. That's a 400% rise from what they were doing before the coronavirus.
The annual report of the FBI's Internet Crime Complaint Center is already posted. The 2020 Internet Crime Study contains data from 791,790 alleged internet crime cases, a rise of more than 300,000 complaints from the previous year, and estimated damages of more than $4.2 billion.
Phishing scams, non-payment/non-delivery scams, and extortion were the top three crimes reported by victims in 2020. Business email compromise scams, romance and confidence schemes, and investment fraud all cost victims the most money. In particular, scams based on the COVID-19 pandemic emerged in 2020. Over 28,500 complaints were filed with the IC3(Internet Crime Complaint Center) regarding COVID-19, with fraudsters targeting both businesses and individuals.
Although attackers often used tried-and-true techniques like phishing and identity compromise to unleash their attacks, the total number of attacks was truly staggering, catching many people off guard, ignorant, and unprepared. In March 2020, TechRepublic recorded a 667 percent surge in spear-phishing attacks, and the FBI registered a 400 percent spike in cyber attacks by April.
How to protect yourself from cyber crimes during the pandemic
Be cautious while installing apps:- If you need to work from home during this period, you will find that you are missing some of the applications you use to complete your tasks. However, installing this app on your own will put you and your company at risk. Forcing users to download malware with fake software download files is a common criminal tactic. Instead, reach out to your IT department for assistance, since they may have a list of suggested download locations or ways to provide you with secure access.
Any unusual email should be viewed with a fair amount of skepticism:- When you receive emails from companies you know, you will feel more comfortable opening them. However, it's important to note that cybercriminals use models from reputable outlets to trick users into clicking links to malware-delivering websites, which are intended to entice you to make a purchase or disclose login information.
Protect your passwords:- When it comes to cyber-security, the value of a strong password cannot be overstated. Although using something with a capital letter, a number, and a special character is a nice way to start, it isn't enough. While it is easy to recall a single password for all, cybercriminals may take advantage of this convenience.
Note- If you are fooled by a spam email that directs you to a website that asks you to create an account with your email address and password, never do that. This is a simple way of accessing your personal information.
Keep your gadgets secure:- If you're using your own computer or one provided by your boss, make sure to use caution to keep it secure both physically and digitally. To guard against viruses and ransomware, make sure you have an active antivirus installed. To protect your internet behavior, use a protected Internet connection and store work laptops and phones securely while not in use.