Researchers studying attempts by scammers to capitalize on the coronavirus pandemic have seen those efforts skyrocket this month, a Silicon Valley cybersecurity firm said Thursday.
Barracuda Networks reported a 667% increase in the number of coronavirus-related “spear-phishing” attacks detected by its services since the end of February.
Spear-phishing attacks typically involve sending emails that are intended to trick the recipient into visiting a website or downloading an attachment that could then be leveraged for malicious means, such as stealing a victim’s personal information like log-in credentials and banking details.
Barracuda reported that its researchers detected 137 attacks referencing the coronavirus pandemic in January. That number spiked during the following months from 1,188 in February to 9,116 between March 1 and March 23.
“Although the overall number of these attacks is still low compared to other threats, the threat is growing quickly,” wrote Barracuda chief technology officer Fleming Shi.
“The attacks use common phishing tactics that are seen regularly, however a growing number of campaigns are using the coronavirus as a lure to try to trick distracted users capitalize on the fear and uncertainty of their intended victims,” he explained in a blog post.
Among the efforts detected by Barracuda was a spear-phishing campaign in which the sender claims to know the recipient’s personal information and threatens to infect them and their family with the coronavirus unless a ransom is paid, wrote Mr. Shi, who said that Barracuda detected that particular scam in more than 1,000 emails sent over a two-day span.
Another tactic spotted by involved sending an invoice, containing malware, accompanied by a note apologizing for a delay blamed on the coronavirus, wrote Mr. Shi, who said that scam was detected by Barracuda more than 3,700 times.
First discovered in China in late December, cases of COVID-19 have spread in the months since to most countries on earth, infecting more than a half-million people and killing over 23,000, according to data maintained by the Center for Systems Science and Engineering at Johns Hopkins University.
The first case of COVID-19 in the U.S. was reported on Jan. 20, and as of Thursday the disease’s nationwide death toll had succeeded 1,000 people.
The U.S. Secret Service cautioned earlier this month that opportunist email scammers were exploiting the coronavirus crisis. The FBI reiterated that warning Friday and said that it was aware of a rise in related schemes.
“Scammers are leveraging the COVID-19 pandemic to steal your money, your personal information, or both. Don’t let them,” the FBI said in a public service announcement issued last week. “Protect yourself and do your research before clicking on links purporting to provide information on the virus; donating to a charity online or through social media; contributing to a crowdfunding campaign; purchasing products online; or giving up your personal information in order to receive money or other benefits.”
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.