According to a research analysis report issued by IT security company Barracuda Networks, COVID test-related phishing attacks have risen in the past few months due to the arrival of Omicron, and has posed a serious threat to businesses.
Previously, Barracuda noted that upticks in COVID-related phishing scams occurred during the virus’ onset in March 2020, and when vaccination programmes were rolled out the following year, so too did vaccine-related email threats.
The recent study, performed between October 2021 and January 2022, showed a 521% increase in attacks, suggesting that a global increase in demand for COVID tests led by the wildfire spread of the Omicron variant influenced the surge in COVID test-related phishing attempts.
The report further showed that malicious actors have switched up their tactics to get their victims’ attention, preying on their anxiety and desperation. One of their methods include sending fake notifications of unpaid orders for COVID tests. The cybercriminal then provides a PayPal account through which the victim will send payments to “complete their purchase.” Bad actors also impersonate lab personnel or testing kit providers, and share fake COVID test results.
“Capitalising on the chaos of the pandemic is not a new trend in the world of cybercrime,” said Mark Lukie, Systems Engineer Manager of Barracuda, Asia-Pacific. “But, with constantly evolving tactics, and new trends to take advantage of, it’s easy to see why cybercriminals continue to exploit the situation. Just like the threat of COVID-19, pandemic-themed scams are not going to disappear overnight, but fortunately there are a number of tactics that businesses and consumers can employ to ensure they remain protected.”
Lukie added: “For a start, businesses can leverage sophisticated email security which utilises artificial intelligence to detect and block email attack tactics that are designed to bypass basic gateways and spam filters. Providing employees with up-to-date user awareness training about COVID-related phishing, seasonal scams, and other potential threats is a vital cybercrime prevention method, as is establishing and reviewing existing fraud detection policies, to ensure that personal and financial information is handled properly.”
