The coronavirus, which has already led to the deaths of more than 1,000 people, is a topic that scammers are corrupting for their own purposes.
Cybercriminals who deal in spam and phishing emails like to pounce on any topic in the news, especially ones that are of concern and worry to a vast number of individuals. The coronavirus, which has already led to the deaths of more than a thousand people, has become an area that scammers are corrupting for their own purposes.
Knowing the topic is critical for many, spammers are sending phishing emails with malicious attachments masquerading as instructions around the coronavirus. A blog posted Thursday by OneSpan offers tips to banks and financial institutions for protecting themselves, their employees, and their customers against this latest scam.
SEE: Phishing attacks: A guide for IT pros (free PDF) (TechRepublic)
Researchers at IBM X-Force have pointed to attackers sending out infected email attachments disguised as coronavirus instructions, OneSpan pointed out. If the unsuspecting recipient opens the attachment, the file silently installs an Emotet downloader to infect the computer. Most of the phishing messages seen so far are in Japanese since the coronavirus has been focused in Asia. But these messages are expected to spread to other countries and likely other languages.
In a recent blog post, security provider Kaspersky found malicious PDF, MP4, and Microsoft Word DOCX files disguised as documents relating to the coronavirus. The scammers imply that the files contain instructions for detecting and protecting against the virus.
These coronavirus-themed phishing emails could affect businesses due to China’s role in the world economy, according to OneSpan. As one example, many companies are being asked if their supply chains will be disrupted because of shipping issues with China. Further, OneSpan said it expects to see the following types of phishing emails trying to take advantage of the virus.
- Delivery companies, such as FedEx or UPS, and online sellers, such as Amazon, with messages about goods sourced from China
- Brokers and investment firms with a message about markets crashing
- Targeted attacks from suppliers saying goods cannot be delivered or will be delayed
- Urgent updates from government and global health agencies on how to avoid infection
Such phishing attacks can affect both corporate and retail banking customers. As such, banks and financial institutions can better protect their customers from these phishing emails by using the right types of fraud detection and prevention systems, as described by OneSpan.
Most fraud detection and prevention systems rely on rules engines to manage fraud. But not all anti-fraud systems are alike. Expert rules engines can help financial institutions with extra rules during greater periods of risk such as certain holidays and natural disasters when customers are more likely to be hit. Dynamic fraud prevention tools can better help companies respond to fast changes in fraud.
Fraud detection systems should also offer specific controls so they can switch to a lower level of trust during periods of higher risk. Temporarily changing thresholds for the scoring model to allow for a larger number of false positives in favor of fewer false negatives is a worthwhile process. Once these coronavirus-themed phishing emails decrease, financial institutions can always dial back the detection to lessen the workload on the fraud team.
“Financial institutions can take steps to better protect themselves, their employees, and even their customers from these threats,” Will LaSala, Senior Director of Global Solutions, Security Evangelist for OneSpan, said in the blog post. “The first step is to be aware of the heightened risk at this time and deploy enhanced safety precautions. Banks and other financial institutions should adjust the rules engines on their fraud detection and prevention systems, monitor user behavior throughout the entire online banking session, and leverage machine learning and advanced risk analytics to identify abnormal user behavior in real time.”