The social media platform is rolling out a new feature with a small audience for now
Tech5 days ago
There has been a steady increase in the number of malicious actors trying to get sensitive information from unsuspecting users by disguising malware as information about Covid-19.
Experts highlighted that cybercriminals are always adapting to the changing security landscape and keeping up with the latest developments that interest users. Right now, this involves everything about the Covid-19 pandemic.
Security company, Proofpoint, has observed the use of Covid-19 in broad-scale social engineering attacks leading to malware, credential phishing, and Business E-mail Compromise (BEC) since the beginning of the pandemic. Covid-19 themes are consistent with current events, and while, initially, the lures were around the virus’ existence, they have now turned to lures revolving around topics such as medical supply shortages.
Proofpoint researchers observed an increase in attacks that leverage the Covid-19 vaccine news, such as approvals of the vaccine by world governments, logistics of vaccine deployment, and distribution of the vaccine to frontline responders and other individuals.
“Although we did not see an increase in the volume of attacks, many threat actors used Covid-19 as an opportunity to employ familiar tactics such as phishing,” said Maureen Perrelli, chief channel officer at Secureworks.
Healthcare, pharmaceutical, and government organisations were targeted by both nation-states and financially-motivated cybercriminals, she added. “These threat actors recognised the large sums of money funding pandemic-related work and targeted the underlying data for financial gain. I believe technology partners are in an ideal position to help organisations mitigate the risk posed by threat actors during this pandemic and beyond.”
Currently, there is an extensive Covid-19 vaccination campaign in the UAE, as the country already administered over 2.06 million vaccine doses, ranking first in the world in the distribution of daily doses and fifth worldwide when it comes to the availability of vaccine.
Given the hype around the Covid-19 vaccines topic, there is also an expected rise of email-borne attacks spreading malware, phishing, and BEC. These exemplify abuse of popular brands such as WHO, DHL, and vaccine manufacturers delivered to users in organisations. The lure themes leveraged a range of topics, including fear that a person had encountered an infected individual; government vaccine approvals and economic recovery fueled by the vaccine; as well as sign up forms to receive the vaccine, information updates, and vaccine shipment delivery.
Perrelli advised organisations to enforce or develop policies to protect remote work equipment, the consumption or transport of sensitive data and establish technical controls to help monitor and enforce these policies.
“For example, install technical controls such as a Mobile Device Management (MDM) solution. Threat actors continue to use proven tactics such as ransomware, malware, and business email fraud. Organisations should deploy advance threat detection and response solutions to constantly monitor their now expanded network footprint. Using multi-factor authentication for internet-facing resources, encrypting sensitive data, and disposing of information securely remain vital best practices to protect against credential abuse,” she said.
rohma@khaleejtimes.com
The social media platform is rolling out a new feature with a small audience for now
Tech5 days ago
Tech genius aims to make the cyber world a safer space
Tech5 days ago
'I think it was a morally bad decision to be clear and foolish in the extreme'
Tech5 days ago
Dubai and the UAE are taking a leap into the future, leading the way in terms of shaping a new reality with Web 3.0. An expert explains how residents and businesses can benefit from it
Tech6 days ago
Match filed lawsuit accusing the tech titan of abusing control of Play Store
Tech6 days ago
Product will be available while supplies last
Tech6 days ago
Ban on former President ‘morally wrong', says Tesla chief
Tech6 days ago
Company agreed to permanently stop selling access to its face database to private businesses or individuals
Tech1 week ago