A WHO or UN are being used more in phishing campaigns since the beginning of May, is the conclusion of Check Point. Since the beginning of the month, security company investigators have identified «192 weekly cyberattacks related to COVID-19».
These data assume a 30% increase in activity compared to previous weeks and, in this new wave of attacks, cybercriminals continue to bet on phishing as the main vector of cyber-threat, this time posing as the World Health Organization ( WHO), by the UN or private companies and applications such as Zoom, Microsoft Team or Google Meet.
These communications contained a file called “xerox_scan_covid-19_Urgent information letter.xlxs.exe”, Which was infected with the Agent Tesla malware, which allows stealing passwords from the victim's device.
Check Point says that since the beginning of the pandemic, more than 90 new domains have been registered worldwide related to the virus. In the last three weeks, the number of registrations has reached 19 749, of which 2% are malicious (354) and another 15% are considered suspicious (2 961).
To be protected against this type of cyber threats, Check Point reinforces the need to be careful with any message or attached file that has been sent by an unknown sender, to look for spelling errors in the body of the text or in the URL itself that may indicate we are facing a false domain, distrust special offers that offer the vaccine against the virus and, lastly, do not reuse passwords between different applications and accounts.
To avoid being the victim of an attack targeted by a known or unknown hacker, read the Less Fios article, which contains tips on how to prevent yourself by clicking here