In a new twist, ransomware scammers are fooling victims with emails purporting to be associated with business continuity plans amid the coronavirus pandemic
Well, it seems that hackers are continuing to tailor their phishing emails to the COVID-19 crisis, and they are now using fake messages about business continuity plans and new payment procedures to spread the LokiBot information stealer, according to Microsoft researchers.
In spring of 2020, the Microsoft Security Intelligence team used Twitter to post examples of these messages. One email contained the subject line: “Business continuity plan announcement starting May 2020.” Another subject line announced: “E-Payment Bank Transactions,” with the text of the email describing how payments by check will no longer be accepted during the COVID-19 pandemic.
The emails contain malicious attachments that, if opened, enabled macros that install LokiBot information stealer.
LokiBot malware has the ability to capture an assortment of information, including passwords stored in a browser, email passwords and FTP credentials, according to a report by FortiGuard Labs.
Since the World Health Organization declared COVID-19 a global pandemic in March of 2020, fraudsters, cybercriminals and even some nation-state threat actors have used the healthcare emergency to profit off of the hysteria.
Increase in COVID-19 Scams
In May of 2020, security firm Check Point Software reported that its researchers had recorded 192,000 COVID-19-related attacks each week for a three-week period. These attacks included the deployment of malicious domains and phishing emails.
Check Point also found that nearly 20,000 new domains using either COVID-19 or coronavirus in their names have been registered during the same period. Of these new domains, about 17% of them are considered suspicious or malicious.
Additionally, credit agency TransUnion found that telecommunications, ecommerce and financial services industries have also been severely affected by COVID-19-related fraud and new schemes – including credit card fraud, and a sharp rise in identity theft. Now that’s another symptom of a growing pandemic with no signs of going away any time soon.