Once businesses sent workers home because of the COVID-19 threat, cybercriminals saw their opportunity.
Hackers are taking advantage of security challenges and stresses on systems that came about thanks to the pandemic, says global computer security software McAfee in its COVID-19 Threats Report for July.
They’re targeting the cloud, and threats across Canada were up 50 per cent.
“Cybercriminals see a remote, distracted, and vulnerable workforce as opportune targets,” the report said.
Insurers and financial service providers have come under unrelenting cyberattack this year, with some cybercriminals even posing as an insurance company in an attempt to infect a user’s system, the report said.
Financial services and insurance providers experienced the fifth-highest increase in attack volume, “What a year so far,” Raj Samani, McAfee fellow and chief scientist, wrote in the report. “What started as a trickle of phishing campaigns and the occasional malicious app quickly turned into a deluge of thousands of malicious URLs and more-than-capable threat actors leveraging our thirst for more information as an entry mechanism into systems across the world.”
Not surprisingly, cybercriminals are targeting employees working from home as a result of the pandemic. “The need for enterprises to quickly quarantine workforces has challenged [security operations centres] and [chief technology officers] to adapt a secure work-from-home model, the scope of which the security industry has never experienced,” the report said.
Fake invoice attachments
Cybercriminals used COVID-19-themed emails from a bogus insurance company to infect users’ systems in mid-April, McAfee reported. The email came with fake invoice attachments carrying the Hancitor malware. Once the fake invoice is downloaded, the script communicates with a command and control server. Additional malware is then placed.
Threats from cybercrime were already top of mind for many insurance professionals before the pandemic, said Rob Boyle, vice-president of specialty solutions — errors and omissions and directors and officers in Canada, and entertainment in North America at Intact Insurance.
“But I think it’s become a greater risk just because companies were so focused on getting everyone set up to work from home so their business could continue operations, for those who were able to. But they didn’t patch those holes up from the get-go,” he told Canadian Underwriter in an interview.
A departure from normalcy and routine have created distractions and anxiety. For example, family needs may have increased during this time, and there are the added stressors of threats such as unemployment and getting sick. As a result, people might not be at the top of their game when it comes to protecting their computers, the report notes.
“While we all have had to contend with pandemic lockdown, criminals of all manner of capability have had a field day,” Samani wrote.
Among the most significant of its findings, McAfee saw 375 attacks per minute taking place. PowerShell malware — also called fileless malware, an attack where malicious code is embedded or loaded into a computer’s memory without writing to disk — were up 689 per cent.
Mobile phones weren’t immune either. The company observed a 71 per cent increase in new mobile malware. Total mobile malware was up 12 per cent, compared to the previous four quarters.
McAfee noted that cybercriminals are using phishing emails to engage with employees and grab a foothold in systems. With people separated from their colleagues, it’s easier for typical checks and balances to go overlooked.
“When a certain person sits down the hall from you, you can walk over and ask, ‘Is this a legit request? What are we talking about here?’” Boyle noted. “But now, you’re in your home office and there are fewer ways to make those little checks.”
How to protect yourself
If you get an email or a text message that asks you to click on a link or open an attachment, answer this question: Do I have an account with the company or know the person that contacted me? If the answer is “No,” it could be a phishing scam.
Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may say: they’ve noticed some suspicious activity or log-in attempts; claim there’s a problem with your account or payment information; say you must confirm some personal information; include a fake invoice; want you to click on a link to make a payment, say you are eligible for a government refund or offer a coupon for free items.
How to protect yourself
If you’re are working from home – and when using your own personal computer or mobile phone – here are some tips on how to protect yourself against phishing and malware:
- Beware of emails with spelling and grammatical errors
- Never click on unfamiliar links.
- Keep your computer up to date and use security software. Set it up on both your computer and mobile phone to update automatically so it can deal with new security threats.
- Never share your password. Don’t use the same password on more than one site.
- Use multi-factor authentication. This requires two or more credentials to log in: either a password you get by text message, authentication app or a scan of your fingerprint, retina or face.
- Protect your data by backing it up.
- If you’re working from home and receive an email that raises suspicions, contact your IT department.