08/10/2020 | Press release | Distributed by Public on 08/10/2020 09:40
FortiGuard Labs Threat Report
Affected platforms: Various
Impacted parties: Multiple (Individuals and Organizations)
Impact: Collects sensitive information from victims' computers
Severity level: Medium
With the spectre of the COVID-19 pandemic hovering over the world for the past six months, it is not surprising for a majority of the populace has become be desensitized to all the media coverage. Because of this, attackers are trying to squeeze out every last opportunity of using this topic as a lure - strategy commonly used for other major events, ranging from elections to tragedies to sporting events - before they are forced to move on.
As first reported in our March blog, and described in subsequent reports you can read here, here, here, here, and here, attackers have been seizing the opportunity to use the novel coronavirus COVID-19 topic as an effective lure because of its exceptionally high profile. COVID-19 was unique because it potentially affected every living human being on this planet. Because this was a hot topic at the time, causing panicked reactions that emptied store shelves and placed supplies of medical equipment on back order, the most responsive cybercriminals were among the first to exploit the issue. However, given that months have now gone by, it is only natural that the quality of these attacks has started to decline.
Like most trending issues, event-based attacks are short lived. Attackers try to always stay one step ahead of their victims to social engineer them into clicking an enticing link or opening up what appears to be a benign attachment using various compelling reasons. For example, since most stores have restocked their shelves with things like toilet paper and hand sanitizer, and masks can now be purchased at any convenience store, phishing email looking to cash in on panicked buyers looking for those items have now become quite ineffective. Using themes that were relevant months ago but irrelevant now would be a waste of time, and ultimately have a low return on investment.
However, this doesn't stop many of the latecomer criminals from trying. To add to the many examples of attacks seen related to COVID-19 that we have reported on before, below are several examples found this week - ranging from the ludicrous to a new remote access trojan that people should really be aware of.
Below is a phishing email with the subject 'Covid-19 Fund Relieve Award'.