According to a joint study published Wednesday (April 8) by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Britain’s National Cyber Security Centre, the attacks are mostly in the form of deceptive or confusing emails with links that appear to be for upgrades to Zoom, Microsoft or other programs used while working from home — but are actually malware and other nefarious ways of stealing peoples’ information.
Microsoft executive Rob Lefferts said in a blog post that hackers had been having a good time of it, too, with more successful attempts at doing their illicit deeds since the virus fundamentally changed western life. He said the media was “all COVID-19, all the time” which had added an “overwhelming” factor that hackers had pounced on and taken advantage of very quickly. Because of the fear and confusion, Lefferts hypothesized, people were likely clicking on fake links with less discrimination than usual.
By offering links and downloadable attachments, the attacks were meant to exploit people by playing off the confusing and difficult times, said Bryan Ware, CISA’s assistant director for cybersecurity.
Hackers have also been known to target the virtual private networks used by companies as ways for employees to log into work from home.
The amount of fraud, scams and misinformation amid the coronavirus pandemic has spread widely in the past month. Amazon has had to scramble to get rid of numerous fake or counterfeit products related to the virus, including some things marketed as cures. Price-gouging has also been a concern, with bottles of Purell hand sanitizer being sold at wildly inflated prices.
The Wall Street Journal reported that mentions of the coronavirus in emails with malware or other hacking software has jumped recently.