New global report reveals cybercriminals cashing in on COVID-19
While the world has been focused on managing the healthcare, economic and social consequences of the novel Coronavirus, a war has been quietly raging as cybercriminals leverage the crisis to escalate their activities.
According to a new Mimecast report – entitled 100 Days of Coronavirus – that tracks cybercrime activity since the start of the Coronavirus outbreak, the volume of malicious and opportunistic cybercrime across all types of cybercrime has increased significantly by 33% in the period January to March 2020.
The new report has found that, in the period January to March 2020, monthly volumes of:
- Spam and opportunistic cybercrime detections increased by 26.3%,
- Impersonation fraud detections increased by 30.3%,
- Malware detections increased by 35.16%, and
- Blocking of URL clicks increased by 55.8%, meaning people are more likely now to click on unsafe links than before the outbreak.
Locally, over the months of February and March, as South Africa reported its first case, infection numbers grew and the country moved swiftly into a national state of disaster and lockdown, the Threat Intelligence Team saw dramatic increases in malware, spam and impersonation attacks in Sub-Saharan Africa.
Carl Wearn, Head of E-Crime at Mimecast, said: “Spam increased by 46%, impersonation saw a 75% increase and there was a massive 385% increase in malware. Additionally, we picked up a 97% increase in unsafe clicks by users over the three-month period. This is likely an indication of people letting their guards down and desperate to learn more, as communication channels were flooded with information – both legitimate and fake – about the virus.”
The report also found that in the week that lockdown was announced in South Africa – 23-29 March – the sub-Saharan Africa region suffered a significantly increased level of malware detections in RAR file format. The region was also the most targeted by phishing-related attacks during this week.
In addition, more than 115,000 COVID-19 related spoof domains that are designed to steal personal information have been detected since January.
Wearn said many employees that suddenly find themselves working from home are not sufficiently equipped or aware of cyber threats and may put their organisations at risk by engaging in unsafe behaviour.
“Considering the rise in threats and unsafe clicks as shown by the report, there is an urgent need for organisations to step up their cybersecurity awareness training efforts to ensure employees have the tools and knowledge to avoid risky online behaviour.”
“Given the continuing uncertainty over our immediate future and the impact of the virus on various communities, threat actors and cybercriminals are likely to continue to exploit the situation and to evolve their methods according to the current news cycle – with potentially disastrous consequences for unwary employees and organisations,” concluded Wearn.
Find out more about cyber threats in the first 100 Days of Coronavirus, in this special Mimecast report.
Loading ...