COVID-19 themed social engineering attacks

As organisations and schools increasingly move to institute social distancing measures with work from home arrangements, how can we stay safe and secure online?

The heightened fear and anxiety around the COVID-19 pandemic is the perfect vehicle for cyber criminals. One of the methods they use is social engineering attacks. Already, there have been reports of coronavirus-themed attacks designed to trick people into opening documents or clicking on links.

As employers rightfully double-down on their social distancing strategy and employees connect to the company network remotely – often through home wi-fi networks (with varying levels of security), cyber-criminals have more opportunities and ways to break into company networks.

COVID-19 themed social engineering attacks

Emotet appears to be the malware of choice for COVID-19 themed social engineering attacks. In one case, hackers sent phishing emails posing as the U.S Center for Disease Control and Prevention, the World Health Organisation and health agencies from specific countries to recipients.

These emails purported to contain infection-prevention measures for COVID-19 and instructed recipients to open attached documents. If opened, the target computer could be infected with malware allowing these hackers to gain an upper hand – and possibly make their way into the company’s network.

A public sector entity of Mongolia was recently targeted by a similar attack. This time in the form of press releases purported to have come from the Mongolian Ministry of Foreign Affairs. The malware was designed to take screenshots, exfiltrate, delete and edit files, and remotely execute processes.

Social engineering prevention

As social engineers manipulate curiosity, fear, anxiety and panic to draw in their victims, awareness and education is the key to prevention.

Employees should be vigilant at all times and the following tips may help improve your cyber resilience to social engineering attacks:

• Don’t open emails and attachments from unknown or suspicious sources
• Where possible, use multi-factor authentication to secure your accounts
• Be wary of tempting offers. If it’s too good to be true, it probably is!
• Keep your antivirus software updated

Consider these other tips to stay safe and secure online

• Using a VPN is an important step in securing your connection to a corporate network.
• Be mindful of where and who you are communicating with. If you are at a café or other public space:
  • Do not use public Wi-Fi
  • Do not work on documents that can be easily overseen by others.
• Look at the security of your home network – change default router usernames and passwords.
• Consider the security of physical documents, USB thumb drives and other media you might be using. Can these be disposed of securely?