Forewarned is forearmed: Kaspersky researchers share their findings on coronavirus scams for users and businesses

Kaspersky researchers have found multipleCOVID-19-related malicious e-mail campaigns

and hundreds of downloadable files that attempt to infect users’ devices with the threats.

While news on coronavirus spread continue to appear and dominate the headlines,

attackers are also looking for opportunities to use this topic in malicious purposes. This is a

very dangerous practice, as it exploits people’s concerns for their health and safety of their

beloved ones in attempt to pressure them into falling for a trick.

 

The researchers have detected malicious files that were masked under the guise of pdf,

mp4

detection procedures, which is not actually the case. In fact, these files contained threats

to users’ devices.

 «The coronavirus, which is being widely discussed as a major news story, has already been

used as bait by cybercriminals. Now, the number of users whose devices have had

malicious files named after the coronavirus on them has risen to 403 in 2020, with a total

of 2,673 detections and 513 unique files distributed. While the numbers rose significantly

compared to the initial statistics we have shared, this threat is still rather minimal,» –

comments Anton Ivanov, malware analyst at Kaspersky.

 

 

 

Some malicious files are spread via email. For example, an Excel file distributed via email

under the guise of a list of coronavirus victims allegedly sent from the World Health

Organization (WHO) was in fact a Trojan-Downloader, which secretly downloads and

installs another malicious file. This second file was a Trojan-Spy designed to gather various

data, including passwords,

encouraging home working in a bid to slow the spread of COVID-19/coronavirus. It is likely that, where feasible, companies will allow more people than ever before to work remotely, so now is a good time for organizations to re-examine security around remote access to corporate systems. Once devices are taken outside of a company’s network infrastructure and are connected to new networks and WIFI, the risks to corporate information increase.

Some malicious files are spread via email. For example, an Excel file distributed via email under the

guise of a list of coronavirus victims allegedly sent from the World Health Organization (WHO) was in

fact a Trojan-Downloader, which secretly downloads and installs another malicious file. This second file

was a Trojan-Spy designed to gather various data, including passwords, from the infected device and

send it to the attacker

ation increase.

We would encourage companies to be particularly vigilant at this time, and ensure employees who are working at home exercise caution. Businesses should communicate clearly with workers to ensure they are aware of the risks, and do everything they can to secure remote access for those self-isolating or working from home. In addition to the increase in remote working, we have also seen cybercriminals trying to piggyback on the virus, hiding malicious files in documents purporting to relate to the disease. So, with this opportunistic approach by criminals, coupled with changes to working habits, it’s wise for businesses to be extra vigilant at this time,” comments David Emm, principal security researcher, Kaspersky.

There are a number of simple steps that can be taken to reduce the cyber-risks associated with coronavirus.

If you are an individual, Kaspersky advises the following:

  • In order to stay safe, we advise users to carefully study the content of the emails they
  • receive and only trust reliable sources. If you are promised a vaccine for the virus or
  • some magic protective measures, or content of the email is making you worried, it has
  • most likely come from cybercriminals.
  • When downloading files, pay attention to the file extension. Even if you download TV
  • show episodes from a source you consider trusted and legitimate, the file should have
  • an .avi, .mkv or mp4 extension. Do not download the file if it is an .exe.
  • Use reliable security solution for comprehensive protection from a wide range of threats, such 

If you are a business, consider taking the following steps:

  • Provide a VPN for staff to connect securely to the corporate network
  • All corporate devices – including mobiles and laptops – should be protected with appropriate security software, including mobile devices (e.g. allowing data to be wiped from devices that are reported lost or stolen, segregating personal and work data, along with restricting which apps can be installed)
  • Always implement the latest updates to operating systems and apps
  • Restrict the access rights of people connecting to the corporate network
  • Ensure that staff are aware of the dangers of responding to unsolicited messages

 

 

 

 

 

 

 

 

 

Check Also

Infinix

Under the “Made in Egypt” Slogan, Infinix Launches HOT 50 Series in the Egyptian Market.

Infinix, the innovative, youth-oriented brand, has announced the launch of its new Infinix HOT 50 …

اترك تعليقاً

لن يتم نشر عنوان بريدك الإلكتروني. الحقول الإلزامية مشار إليها بـ *