Cybercriminals have been observed over the course of the pandemic using COVID-related lures against victims' concerns amid a worldwide crisis.
Cybercriminals leveraging the pandemic for malicious acts.
Proofpoint has released research detailing how threat actors took advantage of the COVID-19 pandemic for personal gain.
The report highlights how threat actors are creatures of opportunity, acting when a threat is of relevance to their audience. In this case, threat actors could cast a wide net, as COVID-19 was relevant to the entire world. It was noted that the pandemic also provided a good background for any type of cybercrime. The pandemic was also a big change in both personal and business-related matters, so social engineering tactics were found to target both.
It was found that scams related to operations of one’s company were the most effective at garnering interaction. It was found that COVID-related scams, overall, were more compelling to a victim than other topics, and messaging related to changing topics within the COVID atmosphere were highlighted commonly in lures.
Government actions related to COVID scams.
The Treasury, the Department of Health and Human Services, the Federal Trade Commission, the Federal Communications Commission, and USA.gov have for some time provided varying, but similar and consistent messaging in relation to covid scams, taking note of individual scams applicable to their departments and ways to mitigate and avoid them. The FTC, in particular, also highlights what the agency has been doing to fight the scams, and includes related law enforcement actions.