Even into the third quarter of 2020, organizations and enterprises continue to be plagued by ransomware and phishing attacks with subject lines on COVID-19. The Q3 2020 Top-Clicked Phishing Report by cybersecurity firm KnowBe4, highlighted that simulated phishing tests with a message related to the coronavirus was the most popular one, with a total of 50% of tens of thousands of email subject lines that the firm examined.
Another key highlight from the study was that social media messages were another area of concern when it came to phishing, where LinkedIn phishing messages dominated as the top social media email subject to watch out for, holding the number one spot at 47%.
“During this pandemic, we’ve seen malicious hackers preying on users’ biggest weak points by sending messages that instill fear, uncertainty and doubt,” said Stu Sjouwerman, CEO, KnowBe4. “Our Q3 report confirms that coronavirus-related subject lines have remained their most promising attack type, as pandemic conditions weaken judgment, and lead to potentially detrimental clicks.”
The scenario sheds its light on a dire state of affairs where the pandemic continues to be relevant for all three quarters of the year, and may even continue to be a part of the last quarter, if not more. From the onset of the pandemic, Malware and Ransomware campaigns targeting individuals and enterprises rose to alarming levels. An earlier survey from Bitdefender pointed out that 86% of security pros believed common attacks rose during COVID-19. According to the study, 50% of infosec professionals did not have a contingency plan to face a situation like the COVID-19 pandemic. The survey stated that lack of forward planning from organizations resulted in a surge of cyberthreats.
Earlier this year, a hacker group targeted the World Health Organization (WHO) via a sophisticated phishing attack, which involved an email hosted on a phishing domain that tried to trick the employees into entering their credentials. Researchers also discovered threat actors distributing malware disguised as “Coronavirus Map” to steal personal information that is stored in the user’s browser.
2020 was also the year which was a spike in espionage attacks from state-sponsored actors in a bid to steal vaccine development. At a time when ransomware kits are sold on the Dark Web, hackers leveraging COVID-19 for malicious activities have become even more concerning.
“With ransomware being sold as a service, it doesn’t matter for the victim companies where the attack comes from. The only factor that companies need to consider is that they’re attacked by professionals, they are probably going to give them the key if they pay the ransom, because if the word gets around that they’re not getting the key, no one’s going to pay the ransom anyway. So, if a company wanted to pay the ransom in case they weren’t fully protected, they might hope that the perpetrator is a professional and knows how to provide the key. Of course, paying ransom is never a long-term solution and serves to exacerbate the problem,” said Jeff Lanza, retired FBI Special Agent to CISO MAG in an earlier interview.