Fortinet Inc.

08/10/2020 | Press release | Distributed by Public on 08/10/2020 09:40

Latest COVID-19 Variants from the Ridiculous to the Malicious

FortiGuard Labs Threat Report

Affected platforms: Various
Impacted parties: Multiple (Individuals and Organizations)
Impact: Collects sensitive information from victims' computers
Severity level: Medium

With the spectre of the COVID-19 pandemic hovering over the world for the past six months, it is not surprising for a majority of the populace has become be desensitized to all the media coverage. Because of this, attackers are trying to squeeze out every last opportunity of using this topic as a lure - strategy commonly used for other major events, ranging from elections to tragedies to sporting events - before they are forced to move on.

As first reported in our March blog, and described in subsequent reports you can read here, here, here, here, and here, attackers have been seizing the opportunity to use the novel coronavirus COVID-19 topic as an effective lure because of its exceptionally high profile. COVID-19 was unique because it potentially affected every living human being on this planet. Because this was a hot topic at the time, causing panicked reactions that emptied store shelves and placed supplies of medical equipment on back order, the most responsive cybercriminals were among the first to exploit the issue. However, given that months have now gone by, it is only natural that the quality of these attacks has started to decline.

Like most trending issues, event-based attacks are short lived. Attackers try to always stay one step ahead of their victims to social engineer them into clicking an enticing link or opening up what appears to be a benign attachment using various compelling reasons. For example, since most stores have restocked their shelves with things like toilet paper and hand sanitizer, and masks can now be purchased at any convenience store, phishing email looking to cash in on panicked buyers looking for those items have now become quite ineffective. Using themes that were relevant months ago but irrelevant now would be a waste of time, and ultimately have a low return on investment.

However, this doesn't stop many of the latecomer criminals from trying. To add to the many examples of attacks seen related to COVID-19 that we have reported on before, below are several examples found this week - ranging from the ludicrous to a new remote access trojan that people should really be aware of.

The Classic 419/Bill Gates/Lottery Scam Reinvented - Two Examples

Below is a phishing email with the subject 'Covid-19 Fund Relieve Award'.