The goals of the attacks range from distributing malware to stealing credentials, and financial gain.
Between March 1 and March 23, Barracuda Sentinel, the company’s AI solution for spear phishing and cyber fraud defense, detected nearly 468,000 spear phishing email attacks, and more than 9,100 of those detections were related to COVID-19. In comparison, nearly 1,200 coronavirus-related email attacks were detected in February, and just 137 were detected in January.
Of the coronavirus-related attacks detected by Barracuda Sentinel through March 23, 54% were scams, 34% were brand impersonation attacks, 11% were blackmail and 1% were BEC.
The goals of the attacks ranged from distributing malware to stealing credentials, and financial gain.
Fleming Shi, Barracuda‘s CTO, tells us scammers are unlikely to invest time and effort into these attacks if they aren’t successful.
“Some will land in users’ inboxes and some users will click or respond,” he said. “Social engineering attacks are responsible for around 93% of data breaches. The more targeted and personalized attacks are, the more likely they are to be successful. Today, with so many workers being remote and often distracted, this makes them even more vulnerable to these attacks. Examples and data presented in this Threat Spotlight are based on attacks that were detected and blocked by Barracuda, but organizations that don’t have the right mix of email security tools will be more vulnerable to these attacks.”
It’s surprising how quickly hackers adapt to the environment and use current uncertainty to their advantage, in addition to how quickly hackers move from simpler scamming attacks to more complex ones like conversation hijacking and BEC, Shi said. And this trend will continue.
MSSPs and cybersecurity providers should focus on three areas: technology, people and data.
“MSSPs must have the right mix of detection tool to block these attacks,” Shi said. “IT resources are often stretched to the limit with so many remote workers requiring support. Automating things like incident response will help free up time for IT to focus on support and business continuity, while keeping the organization secure. Also, they must pay attention to distracted employees and outbound email — check and enable encryption and data loss prevention (DLP) policies to ensure that sensitive information is not accidentally sent to wrong person.”
In addition, MSSPs must keep training their employees to identify and report phishing attacks, and use COVID-19 examples for training purposes, he said.
“Backing up data is more important than ever,” Shi said. “With so many people working remotely, more data than ever before is being stored on Exchange, SharePoint, OneDrive or Teams. Helping organizations back up this data from accidental or malicious loss is critical to maintaining productivity and business continuity during this time.”
Remote working brings both security risks and productivity challenges, he said. Cybercriminals can take advantage of distracted and stressed employees and their email behavior.
Skilled attackers are good at leveraging emotions to elicit response to their phishing attempts, such as the ongoing sextortion campaigns that rely on embarrassment and fear to scam people out of money. With the fear, uncertainty and even sympathy stemming from the COVID-19 situation, attackers have found some key emotions to leverage.
In addition, many of the scams that Barracuda Sentinel detected were looking to sell …
Product Brief: Kaseya VSA Integrated Workflows with BMS and IT Glue
Untangle Research: Breach Headlines to Prompt Increased Cybersecurity Spending
SaaS Alerts Recruits Big Name from Kaseya as CEO
Microsoft, SAP Plan Teams Integration, Expand Cloud Migration Pact
As Threats Soar, Biden Administration, CompTIA Prioritize Cybersecurity
HPE Appoints LongTime HPE/HP Vet as Worldwide Distribution Head
Acquisition-Hungry Sapphire Systems Powers Ahead with US Expansion
Industry Experts Laud Biden Proposal for Increased Federal Cybersecurity Spending
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.