Combatting Coronavirus Phishing and Malware Attacks

Attackers often look to take advantage of spikes in trends to launch attacks and trick innocent consumers into downloading malware or parting with sensitive, often financial, information. We saw it at the end of last year, when hackers took advantage of the increase in communication around Strong Customer Authentication (SCA) to steal credentials, as well as during Black Friday and Cyber Monday. Sadly, hackers are now jumping on the back of the widespread attention around the Coronavirus to try and bait victims into opening malicious attachments that they believe to be instructions around how to stay safe. Researchers at IBM X-Force have identified several campaigns where opening the attachment results in an Emotet downloader being installed silently in the background. Similarly, Kaspersky revealed that they've found "malicious pdf, mp4 and docx files disguised as documents relating to the newly discovered Coronavirus. The file names imply that they include virus protection instructions, current threat developments, and even virus detection techniques."