Omicron-led spike in COVID-19 test-related phishing poses threat to businesses
A massive Omicron-led spike in COVID-19 test-related phishing attacks in the past few months poses a serious threat to businesses, according to Barracuda Networks.
The provider of cloud-enabled security solutions conducted an analysis between October 2021 and January 2022, where researchers witnessed attacks increasing by 521%, with daily average peaking in early January, coinciding with a worldwide increase in demand for COVID-19 tests as a result of the rapid spread of the Omicron variant.
This surge in COVID-19 test-related phishing attacks is just the latest strategy that cybercriminals have employed throughout the course of the pandemic.
Back in March 2020, when COVID-19 started to spread rapidly, Barracuda researchers observed that COVID-19-related phishing attacks jumped 667%. Similarly, as vaccination programmes started to roll out at the start of 2021, so too did a new wave of vaccine-related email threats.
According to Barracuda, this recent analysis shows that cybercriminals are using a variety of tactics to get the attention of their victims by taking advantage of their desperation and anxiety.
They include sending fake notifications of unpaid orders for COVID-19 tests, where the cybercriminal will provide a PayPal account to send payments to complete purchase of rapid tests, and impersonating lab personnel or testing providers, sharing fake COVID-19 test results.
"Capitalising on the chaos of the pandemic is not a new trend in the world of cybercrime. But, with constantly evolving tactics, and new trends to take advantage of, its easy to see why cybercriminals continue to exploit the situation," says Mark Lukie, systems engineer manager, Barracuda, Asia-Pacific.
"Just like the threat of COVID-19, pandemic-themed scams are not going to disappear overnight, but fortunately there are a number of tactics that businesses and consumers can employ to ensure they remain protected," he says.
"For a start, businesses can leverage sophisticated email security which utilises artificial intelligence to detect and block email attack tactics that are designed to bypass basic gateways and spam filters.
"Providing employees with up-to-date user awareness training about COVID-19-related phishing, seasonal scams, and other potential threats is a vital cybercrime prevention method, as is establishing and reviewing existing fraud detection policies, to ensure that personal and financial information is handled properly."
Lukie says Barracuda strives to make the world a safer place.
"We believe every business deserves access to cloud-enabled, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data and applications with innovative solutions that grow and adapt with our customers journey.
"More than 200,000 organisations worldwide trust Barracuda to protect them in ways they may not even know they are at risk so they can focus on taking their business to the next level."