Here’s how cybercriminals target businesses as employees return to work

The coronavirus is still having a huge impact on the cybersecurity landscape. The latest figures from Check Point show that cyber attacks are taking advantage of work from home employees, unemployment and the Black Lives Matter movement.

Post-lockdown South Africa and cybersecurity

As the coronavirus effects are beginning to manifest around the world, there have been signs that the cyber attack is being targeted on areas such as South Africa where workers are yet to resume work post-lockdown.

The US sees cases spike in some states, and India is recording more than 12 000 cases daily. Some Economies in Europe, Asia and Oceania, are opening again though. This split is beginning to mirror itself in the number of regional cyber attacks.

Check Point data shows a strong correlation between cybercrime impact for organisations and whether the country the organisation is in is still under lockdown.

Methods of cyber attacks

In regions returning to work, there has been a notable decline in organisations affected by malicious COVID-19-related websites.

Cyber attacks have also begun to target those looking for information about COVID-19 testing programs and workplace rules and interventions to prevent infections.

Many companies have had to conduct all their safety messaging and training digitally as they prepare their workers to return to their offices. This has resulted in opportunities for attackers to exploit this.

Researchers see an increase in phishing emails and malicious files disguised as Covid-19 training materials.

Exploiting Black Lives Matter headlines

Cyber attacks are also looking to exploit the other big global news story the Black Lives Matter movement. This news story has been particularly divisive, making it a perfect vector for malicious attacks.

One such campaign saw the Trickbot malware distributed as a .doc file purporting to be an opportunity for users to give their opinion on the movement.

The emails were sent with subjects such as “Give your opinion confidentially about ‘Black Lives Matter'”, “Leave a review anon about ‘Black Lives Matter’ “or “Vote anonymous about ‘Black Lives Matter'”.

Despite this, the total number of weekly attacks decreased in June despite the number of coronavirus-related attacks decreasing. In total, the number of attacks has increased by 18% compared to the average for May.

For the first week of June, there were nearly 130 000 attacks down 24% compared to the average for May.

Here’s how to stay safe

Check Point advises users to familiarise themselves with the following golden rules to stay safe from these opportunistic attacks.

1. Beware of lookalike domains, spelling errors in emails or websites, and unfamiliar email senders.
2. Be cautious with files received via email from unknown senders, especially if they prompt for a certain action you would not usually do.
3. Ensure you are ordering goods from an authentic source. One way to do this is NOT to click on promotional links in emails, and instead, Google your desired retailer and click the link from the Google results page.
4. Beware of “special” offers. “An exclusive cure for coronavirus for $150” is usually not a reliable or trustworthy purchase opportunity. At this point of time, there is no cure for the coronavirus, and even if there were, it definitely would not be offered to you via an email.
5. Make sure you do not reuse passwords between different applications and accounts.