An unfortunate reality in situations like this, is that there are people who seek to take advantage of vulnerabilities through phishing and malware attacks. Cybercriminals have already been actively using Coronavirus (COVID-19) to launch phishing attacks via email and SMS messaging. As more and more people begin working from home, it’s important to be alert for potential phishing attacks. The last thing you need at the moment is to be caught on a phishing hook.
Australian Cyber Security Centre
The Australian Cyber Security Centre has recently issued a warning regarding an SMS-based phishing attack. The message claimed to come from “GOV”, and indicated the recipient had a “new message regarding the COVID-19 safety symptoms”. The recipients were also provided a link to the local testing facilities (pictured below).
People who followed this link were taken to a website that prompted Android users to download and install an application. Anyone who visited the website link on a non-Android device was redirected to a benign Government website instead. The Australian Cyber Security Centre has since warned the SMS message and Android application could be used to steal online banking details. Stating that “the link in these text messages is not legitimate, and if clicked on, may install malicious software on your device, designed to steal your banking details.”
Credit: Australian Cyber Security Centre
Companies like Telstra and Google have blocked the offending domain to protect users from being able to access the site. However, the speed of cybercrime means that copycat domains and similar phishing attacks are likely to appear, whether SMS or email based.
With an increased focus on a mobile workforces in the current climate, it is important to remain vigilant and avoid responding to unexpected messages over any communication platform. It is especially important to avoid following links or opening any attachments in suspicious communications, and we suggest flagging these with your IT department as soon as possible, or deleting them.
If there’s one thing we’re sure of in all of this, it is that cybercriminals will not stop trying to fool us into handing over our personal or business information. While we focus on working from home, we need to be aware that it is more than likely we will see many more phishing attacks target remote workers around Australia.
As mentioned, there has also been a surge in COVID-19 related email phishing scams since January. The most notable of which have been reported on by Cyber security vendor ProofPoint; where emails purportedly sent on behalf of the Australian Medical Association (AMA) and the World Health Organisation (WHO) have contained malicious content.
Such emails have contained malicious content such as; Trickbot malware, one of the worst cyber security threats facing organisations today. The Trickbot malware has the ability to download additional payloads, including Ryuk ransomware, which has the capacity to down global organisations. Other COVID-19 phishing email attacks have been reported to contain Nanocore remote access Trojan, which allows hackers to access infected systems.
We recommend anyone working from home familiarise themselves with their companies’ cyber security policy and to avoid opening any unexpected email document attachments or links. In order to best protect everyone’s personal and business information, report suspicious emails and SMS messages in line with your company’s cyber security policy – it’s definitely better to err on the side of caution in these uncertain times.
Just Keep Swimming
The digital world may seem like a minefield, with phishing attacks hiding malicious malware and Trojan viruses. However, staying alert and following your company’s cyber security policy is the best way to avoid falling victim to one of these attacks. There are some best practice methods for identifying suspicious or potentially malicious phishing attacks; looking for typos and spelling errors is a common yet effective way to identify phishing attempts.
For more information on how you can help protect both your personal information and your employer’s while working from home, consult your IT department and be sure to report suspicious attachments, links and emails in line with their cyber security policy.