BSI warns of increase in Covid-19 phishing campaigns
15 April 2020 | 0
Business improvement company BSI has advised organisations to remain vigilant and alert to phishing attacks during the current Covid-19 pandemic to maintain information resilience.
Several false web domains relating to Covid-19 have been registered and are being used to link to phishing and credential attacks. In Ireland specifically phishing campaigns include BEC (business e-mail compromise) attacks whereby the attacker pertains to be a colleague or someone you know requesting a payment to be made. These types of e-mails can also include ransomware and malware disguised as links to click for further information on meeting notices or company updates. Additional emerging threats cover attackers that are mimicking charities, health organisations or business and financial supports.
Stephen Bowes, global practice director, information & security technologies, BSI, said: “We are living through an exceptional time at present with many employers focused on their staff’s welfare and business continuity. World events like Covid-19 provide vast opportunities for cyber attackers to infiltrate companies and gain user data such as login credentials or financial information. We are seeing attackers increase their presence due to the crisis and with many of the global workforce now working remotely.
“Most recently Interpol has alerted healthcare institutions of targeted ransomware attacks that have the potential to lock them out of their critical systems. Phishing is one of the highest causes for cybercrime and all online users, in work and at home, need to be alert as cases of fraud are rising during this time.
“We want to urge employers and employees to remain vigilant and be aware of the increased risks and make sure you get your information from reputable sources. Don’t get caught off guard by clicking on links in emails and report any suspicious emails to the IT department. If in doubt about the legitimacy of an e-mail that is requesting a payment or specific action, we would advise that you contact the sender by phone to get verification first.”