Google sees resurgence in state-backed hacking, phishing related to COVID-19 - Comment from an Opentext company Webroot
May 2020 by Marc Jacob
Yesterday, Google’s Threat Analysis Group saw new activity from “hack-for-hire” firms (many based in India), that are creating Gmail accounts spoofing the World Health Organization (WHO). These accounts primarily targeted business leaders in financial services, consulting and healthcare corporations in numerous countries including the United States, Slovenia, Canada, India, Bahrain, Cyprus and UK, the company said.
Kelvin Murray, Senior Threat Research Analyst at Webroot: “We’ve seen larger organisations continue to be targeted for cyber-attacks throughout Covid-19. It’s unsurprising that the World Health Organisation is currently being used as bait, as scams based off current news are always going to be more effective, especially when tied to emotive topics in the public interest. Phishing attempts such as these aim to get people to open malicious links and emotive subjects like medical safety will certainly compel people to open and click emails.
According to Webroot’s 2019 Annual Threat Report, we found that Phishing URLs grew by 640% throughout last year, and it’s because it’s a relatively simple and easy way for attackers to target a large volume of individuals. Our research also revealed that household names such as PayPal, Google and Microsoft topped the most impersonated from the last 12 months – but phishing tactics evolve and shift with the news agenda too. Therefore these threats are only becoming more sophisticated and targeted, using current issues and public concerns such as the coronavirus to appear more believable. We don’t expect attackers to show any mercy during this pandemic, instead they will exploit it in every possible way."