COVID-19 spam, phishing emails, plagued users in first half of 2020

Report this content

F-Secure’s attack landscape update highlights attackers’ strategies to capitalize on the COVID-19 pandemic, and other developments with online threats.

Helsinki, Finland – September 17, 2020: While the COVID-19 outbreak has disrupted the lives and operations of many people and organizations, the pandemic failed to interrupt the onslaught of spam and phishing emails targeting people’s inboxes. That’s according to an attack landscape update published today by cyber security provider F-Secure.

According to F-Secure’s Attack Landscape H1 2020 report, which examines developments with online threats during the first half of the year, cyber criminals moved quickly to capitalize on the COVID-19 outbreak. Beginning in March and continuing through most of the spring, there was a significant increase of malicious emails utilizing various COVID-19 issues as a lure to manipulate users into exposing themselves to various email attacks and scams.

COVID-19-related campaigns included in these emails ranged from attempts to trick users into ordering face masks from phony websites, to infecting them with malware via malicious attachments. Three-quarters of attachments in these emails contained infostealers – a type of malware that steals sensitive information (such as passwords or other credentials) from an infected system.

“Cyber criminals don’t have many operational constraints, so they can quickly respond to breaking events and incorporate them into their campaigns. The earliest days of the COVID-19 outbreak left a lot of people confused or worried, and attackers predictably tried to prey on their anxieties,” said Calvin Gan, a manager with F-Secure’s Tactical Defense Unit. “Spotting malicious emails isn’t typically a priority for busy employees, which is why attackers frequently attempt to trick them into compromising organizations.”

Additional trends from the first half of 2020 discussed in the report include:

  • Finance was the most frequently spoofed industry in phishing emails; Facebook was the most frequently spoofed brand.
  • Email was the most popular way of spreading malware, and accounted for over half of all infection attempts.
  • Infostealers were the most common type of malware spread by attackers; Lokibot was the most common malware family.
  • Telnet and SSH were the most frequently scanned ports.

The report also notes that attacks leveraging cloud-based email services are steadily increasing and highlights a significant spike in phishing emails that targeted Microsoft Office 365 users in April.

“Notifications from cloud services are normal and employees are accustomed to trusting them. Attackers taking advantage of that trust to compromise targets is perhaps the biggest challenge companies need to address when migrating to the cloud,” explained F-Secure Director of B2B Product Management Teemu Myllykangas. “Securing inboxes in general is already a challenge, so companies should consider a multilayer security approach that combines protection technologies and employee education to reduce their exposure to email threats.”

The full report is now available on F-Secure’s blog.

 

About F-Secure
Nobody has better visibility into real-life cyber attacks than F-Secure. We’re closing the gap between detection and response, utilizing the unmatched threat intelligence of hundreds of our industry’s best technical consultants, millions of devices running our award-winning software, and ceaseless innovations in artificial intelligence. Top banks, airlines, and enterprises trust our commitment to beating the world’s most potent threats. Together with our network of the top channel partners and over 200 service providers, we’re on a mission to make sure everyone has the enterprise-grade cyber security we all need.

Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.

f-secure.com | twitter.com/fsecure | linkedin.com/f-secure

 

F-Secure media relations
Adam Pilkey
+358406378859

Subscribe