Sun Apr 19 2020
In the past week, an average of 18 million COVID-19 phishing emails were sent per day via Gmail to unsuspecting marks, according to Google.
Unfortunately, phishing scams are still the most effective method that scammers use in compromising accounts and stealing information from organisations.
No matter the size of your business, IT teams are facing increased pressure to navigate the challenges of COVID-19
Google commented to say that its malware scanner uses deep-learning tech to detect malware on over 300 billion each and every week.
Scarily though… 63% of the attachments blocked by Gmail are different on a day to day basis, which is why constant vigilance is so important.
During the last week, we saw 18 million daily malware and phishing emails related to COVID-19.
This is in addition to more than 240 million COVID-related daily spam messages.
Our machine learning models have evolved to understand and filter these threats and we continue to block more than 99.9 per cent of spam, phishing and malware from reaching our end users.
However that means there’s still over 258,000 COVID-19 type spam phishing emails hitting inboxes daily.
The National Cyder Security Centre flagged this back on the 08th of April and in a joint release with the US’s Cybersecurity and Infrastructure Security Agency (CISA) said it had spotted more UK government branded scams related to the disease "than any other subject".
It went on to add that criminals were trying to use weaknesses in VPNs, remote-working tools and software to hit the mark: NCSC and CISA "observed actors scanning" for publicly known vulns in Citrix (CVE-2019-19781).
One in five public-facing Citrix boxes remained unpatched in February and open to attack. Similar vulnerabilities from Pulse Secure, Fortinet and Palo Alto "continue to be exploited", NCSC said.
Malicious cyber actors are also seeking to exploit the increased use of popular communications platforms (such as Zoom or Microsoft Teams) by sending phishing emails that includes malicious files with names such as 'zoom-us-zoom_##########.exe' and 'microsoft teams V#mu#D_##########.exe
cloudThing recently reported that Zoom itself had faced criticism in it’s security
In the wake of these phishing scams Googles advice remains basic common-sense digital security…
· Running security checks
· Don’t download attachments you weren’t expecting
· Check URL’s are correct before logging in to anything
· Report phishing emails
If you're worried about the readiness of your cyber security drop us a line below...
Sun Apr 19 2020