The last 18 months have seen a raft of phishing mails, malware and social engineering scams all designed to exploit uncertainty and anxiety arising from the Covid-19 pandemic and related issues. The striking points are the speed with which these scams appeared, how quickly they spread and of course, how large numbers of people fell for them.
A recent survey highlighted the most common types of threats that surfaced during the period which among other things illustrates the cunning with which cyber criminals act. In short as soon as potential hooks for their scams appear they move at lightning speed. This often makes it difficult for people to establish whether phishing mails and scams are genuine and added to this first the scams can come across as polished and professional.
For your information, the following scams highlighted in the survey, illustrate their pervasiveness and hopefully also sound a siren that they haven’t gone away, and more are yet to follow, perhaps with different twists but certainly with the same bad intentions.
- The much maligned NHS Test and Trace service may have taken a beating in the press, but it didn’t distract cyber villains from sending out phishing mails claiming the recipient had been in contact with a Covid-19 diagnosed person. Those who fell for the skanky mail were pointed in the direction of fake websites that either stole personal information or infected devices with malware.
- Vaccine passports were at one point a way of potentially navigating the pandemic safely. The fact that they have only been rolled out in a small way matters little for villains who sent texts asking individuals to register for a vaccine passport. Those who did were sent to a fake website and asked to enter their personal information.
- Royal Mail Phishing scams were, and still are, as common as bills dropping through your letterbox. Add to this other parcel delivery companies and there’s been a near avalanche of spam parcel scams. We don’t see these going away anytime soon so always do a swift double check, so you don’t fall victim to the criminals.
- We admit this one was clever. As people began going back to office after months of home working many were greeted with emails, on their home computers, claiming to be from the manager or CIO saying, ‘Welcome back to the office’. The mail included a link to a ‘hybrid working plan’ that is a schedule for both remote and office working. Except it didn’t. The link led to malware.
- Ransomware have shot up by serious orders of magnitude. According to global consultancy PwC a ransomware attack happens every five seconds. This is a frightening and sobering figure and puts the dangers of ransomware in alarming perspective. Recently, the Sinclair Broadcast Group, which controls hundreds of TV stations across the US, was hit by a ransomware attack on a number of servers and workstations, resulting in outages at numerous TV stations. We could cite a near endless number of victims from hospitals to schools and local authorities and of course individuals but we think you get the picture.
- Over the past 18 months government missives offering advice and guidance to citizens and organisations have become commonplace and this is set to continue into the foreseeable future given pandemic uncertainty. Cyber criminals have aped these communications with glee and will continue to do so by using phishing mails and scam texts that claim to be from official sources. These need to be looked out for carefully.
- Social engineering is a sneaky trick and one that has risen to the fore over the past 18 months. It involves someone contacting you via social media claiming to be somebody they are not and also claiming to offer a service that doesn’t exist. The bottom line is they want to offer a hand of friendship, provide a service or build some common ground before they move in and start fleecing you in one way or another. These scams have been particularly prevalent on LinkedIn but are also found on other social media such as Facebook. If some unknown person sidles up to you whispering digital sweet nothings in your virtual ear don’t hesitate to brush them off like you would a fly on your shirt. Even if their message seems harmless and enticing.
The pervasive ubiquity of these scams is something that we have to live with. They are not going anywhere and in fact they will still be as much of threat in 18 months as they are today. Recognising this and keeping a seasoned eye out for scams like these will go a long way to deflecting the scams.
Add in proven antimalware protection such as BullGuard
, which includes advanced dynamic machine learning to identify attacks are they are evolving, and you’re well equipped to keep the fraudsters at bay.