SophosLabs is tracking how the use of “COVID-19” and “coronavirus” in domain names, spam, phishing attacks, and malware has skyrocketed in a new Uncut blog, “Facing down the myriad threats tied to COVID-19.” This article is a “live report” that SophosLabs Uncut will update as findings unfold.
Attackers are also increasingly impersonating the WHO (World Health Organization), CDC (Centers for Disease Control and Prevention, North America) and the United Nations (UN), as evidenced in scams tracked by SophosLabs.
“Cybercriminals are wasting no time in shifting their dirty, tried and true attack campaigns toward advantageous lures that prey on mounting virus fears. It’s easy to see, for example, that the attackers behind a new Chloroquine scam (attached) are the same as those behind a recent herbal Viagra scam,” according to Sophos Principal Research Scientist Chester Wisniewski.
“With global spam volumes estimated to be in the hundreds of billions, for 2-3% of those to be COVID-19 themed is significant. Similar to A/B testing of advertisements and web pages, criminals often dip a toe in the water when there is a new or sensational topic in the news. If the new topic proves a more effective lure than the previous scam bait they begin switching to new lures.”