PRO CYBER NEWS Hackers Target Companies With Coro
Post# of 82672
(Total Views: 505)
Posted On: 03/13/2020 4:21:45 PM
PRO CYBER NEWS
Hackers Target Companies With Coronavirus Scams
Phishing emails are used to install malware that can give hackers access to company systems
Workers wearing face masks use a robot to spray disinfectant in Wuhan, China, the epicenter of the coronavirus outbreak.
PHOTO: CHINA DAILY/REUTERS
By James Rundle,
BIOGRAPHY
@JIMRUNDLE
JAMES.RUNDLE@WSJ.COM
Catherine Stupp and Kim S. Nash
March 4, 2020
Criminals are using concerns about the coronavirus epidemic to spread infections of their own.
They are forging emails mentioning the outbreak that appear to be from business partners or public institutions in an effort to get users to open the messages, unleashing malware.
The number of malicious emails mentioning the coronavirus has increased significantly since the end of January, according to cybersecurity firm Proofpoint Inc., which is monitoring the activity. The company recently assigned an analyst to track coronavirus threats, something it hasn’t done for prior hacking campaigns related to disasters or major public events, said Sherrod DeGrippo, Proofpoint’s senior director of threat research and detection. Proofpoint analysts now see multiple email campaigns mentioning the coronavirus every workday.
“We don’t typically see events like that. Natural disasters are very localized; events like the Olympics come and go and I think something like the Olympics doesn’t get the clicks that a health scare would,” she said.
The dearth of information about the epidemic, along with plenty of conflicting claims, provides an opening for criminals, said Ryan McConnell, founder of R. McConnell Group PLLC, a law firm in Houston.
MORE FROM WSJ PRO CYBERSECURITY
Battle Brews in Europe Over Connected-Car Data
5G Capabilities Create Information Security Challenges
Researchers Find Gaps in Dockless Scooter Security
Email doctored to look like a company’s purchase order for face masks or other supplies could trick an employee into wiring payments to a fraudulent account, he said. Individuals could provide personal details in response to a phishing attempt that promises information about a company’s remote-work plan, he said.
“With the coronavirus, it’s a heightened risk because it’s a good vehicle for fraud and people are scared,” he said.
Russia-based cybersecurity company Kaspersky Lab said it had detected 403 users of its security products who were hit with about 500 coronavirus-related files. The company hasn’t determined how the malware was planted onto the devices, said Anton V. Ivanov, a malware analyst.
Japanese residents were among the first to be targeted in January and February, with emails purporting to be from regional health-care facilities. The messages contained legitimate contact information for key personnel, according to screenshots of emails and translations provided by the cybersecurity arm of International Business Machines Corp., which has been tracking the scams.
“It was very focused on enterprise users, and came in a message that would look like it’s a reply to something, or a warning that people are getting from the government. It could have been pretty effective at infecting company users,” said Limor Kessem, an executive security adviser at IBM Security who published findings on the campaign.
Attackers have sent emails containing about a dozen types of malware, according to Proofpoint’s analysis. Attacks mentioning the coronavirus are much more creative and sophisticated than typical spam, Ms. DeGrippo said.
A screenshot of a phishing email purporting to be from the World Health Organization.
PHOTO: PROOFPOINT INC.
One email that was sent to companies in the transportation sector purported to be from a World Health Organization employee. It included a WHO logo and instructions about how
to monitor crews aboard ships for coronavirus symptoms, and included an attachment with instructions, according to a screenshot provided by Proofpoint.
The WHO, a United Nations agency based in Geneva, published a warning about coronavirus email scams on its website and asked victims to report emails. The agency has received almost daily reports about phishing attempts mentioning the coronavirus, a spokeswoman said in an email. She declined to provide a tally.
“It’s social engineering at scale, based on a fear. That’s the way to be effective,” Ms. DeGrippo said.
Phishing can be an effective tactic for public health crises, said IBM’s Ms. Kessem, as most major companies and municipal authorities rely heavily on email to communicate policies regarding the outbreak and their plans for handling people who may have been exposed.
Bart McDonough, chief executive of cybersecurity firm Agio LLC, which provides services to hedge funds, investment banks and other financial-services firms, said he has seen emails sent to clients that impersonate municipal health authorities giving businesses information on the virus.
“The Center for Disease Control and World Health Organization fakes, candidly, haven’t been very sophisticated. I think they will improve their level of sophistication as this starts to hit wealthier nations,” he said.
Write to James Rundle at james.rundle@wsj.com, Catherine Stupp at Catherine.Stupp@wsj.com and Kim S. Nash at kim.nash@wsj.com
Corrections & Amplifications
Russia-based cybersecurity company Kaspersky Lab said it had detected 403 users of its security products who were hit with about 500 coronavirus-related files. An earlier version of this article incorrectly said they were hit with 2,673 coronavirus-related files. (March 5, 2019)
Hackers Target Companies With Coronavirus Scams
Phishing emails are used to install malware that can give hackers access to company systems
Workers wearing face masks use a robot to spray disinfectant in Wuhan, China, the epicenter of the coronavirus outbreak.
PHOTO: CHINA DAILY/REUTERS
By James Rundle,
BIOGRAPHY
@JIMRUNDLE
JAMES.RUNDLE@WSJ.COM
Catherine Stupp and Kim S. Nash
March 4, 2020
Criminals are using concerns about the coronavirus epidemic to spread infections of their own.
They are forging emails mentioning the outbreak that appear to be from business partners or public institutions in an effort to get users to open the messages, unleashing malware.
The number of malicious emails mentioning the coronavirus has increased significantly since the end of January, according to cybersecurity firm Proofpoint Inc., which is monitoring the activity. The company recently assigned an analyst to track coronavirus threats, something it hasn’t done for prior hacking campaigns related to disasters or major public events, said Sherrod DeGrippo, Proofpoint’s senior director of threat research and detection. Proofpoint analysts now see multiple email campaigns mentioning the coronavirus every workday.
“We don’t typically see events like that. Natural disasters are very localized; events like the Olympics come and go and I think something like the Olympics doesn’t get the clicks that a health scare would,” she said.
The dearth of information about the epidemic, along with plenty of conflicting claims, provides an opening for criminals, said Ryan McConnell, founder of R. McConnell Group PLLC, a law firm in Houston.
MORE FROM WSJ PRO CYBERSECURITY
Battle Brews in Europe Over Connected-Car Data
5G Capabilities Create Information Security Challenges
Researchers Find Gaps in Dockless Scooter Security
Email doctored to look like a company’s purchase order for face masks or other supplies could trick an employee into wiring payments to a fraudulent account, he said. Individuals could provide personal details in response to a phishing attempt that promises information about a company’s remote-work plan, he said.
“With the coronavirus, it’s a heightened risk because it’s a good vehicle for fraud and people are scared,” he said.
Russia-based cybersecurity company Kaspersky Lab said it had detected 403 users of its security products who were hit with about 500 coronavirus-related files. The company hasn’t determined how the malware was planted onto the devices, said Anton V. Ivanov, a malware analyst.
Japanese residents were among the first to be targeted in January and February, with emails purporting to be from regional health-care facilities. The messages contained legitimate contact information for key personnel, according to screenshots of emails and translations provided by the cybersecurity arm of International Business Machines Corp., which has been tracking the scams.
“It was very focused on enterprise users, and came in a message that would look like it’s a reply to something, or a warning that people are getting from the government. It could have been pretty effective at infecting company users,” said Limor Kessem, an executive security adviser at IBM Security who published findings on the campaign.
Attackers have sent emails containing about a dozen types of malware, according to Proofpoint’s analysis. Attacks mentioning the coronavirus are much more creative and sophisticated than typical spam, Ms. DeGrippo said.
A screenshot of a phishing email purporting to be from the World Health Organization.
PHOTO: PROOFPOINT INC.
One email that was sent to companies in the transportation sector purported to be from a World Health Organization employee. It included a WHO logo and instructions about how
to monitor crews aboard ships for coronavirus symptoms, and included an attachment with instructions, according to a screenshot provided by Proofpoint.
The WHO, a United Nations agency based in Geneva, published a warning about coronavirus email scams on its website and asked victims to report emails. The agency has received almost daily reports about phishing attempts mentioning the coronavirus, a spokeswoman said in an email. She declined to provide a tally.
“It’s social engineering at scale, based on a fear. That’s the way to be effective,” Ms. DeGrippo said.
Phishing can be an effective tactic for public health crises, said IBM’s Ms. Kessem, as most major companies and municipal authorities rely heavily on email to communicate policies regarding the outbreak and their plans for handling people who may have been exposed.
Bart McDonough, chief executive of cybersecurity firm Agio LLC, which provides services to hedge funds, investment banks and other financial-services firms, said he has seen emails sent to clients that impersonate municipal health authorities giving businesses information on the virus.
“The Center for Disease Control and World Health Organization fakes, candidly, haven’t been very sophisticated. I think they will improve their level of sophistication as this starts to hit wealthier nations,” he said.
Write to James Rundle at james.rundle@wsj.com, Catherine Stupp at Catherine.Stupp@wsj.com and Kim S. Nash at kim.nash@wsj.com
Corrections & Amplifications
Russia-based cybersecurity company Kaspersky Lab said it had detected 403 users of its security products who were hit with about 500 coronavirus-related files. An earlier version of this article incorrectly said they were hit with 2,673 coronavirus-related files. (March 5, 2019)
(2)
(0)Zerify Inc (ZRFY) Stock Research Links
WORDS TO LIVE BY:
Never argue with stupid people, they will drag you down to their level and then beat you with experience.
Get .... PrivacyLok https://cyberidguard.com/
Try SafeVchat: https://cyberidguard.com/
My comments are only my opinion and are not to be used for investment advice.
Please conduct your own due diligence before choosing to buy or sell any stock.
Never argue with stupid people, they will drag you down to their level and then beat you with experience.
Get .... PrivacyLok https://cyberidguard.com/
Try SafeVchat: https://cyberidguard.com/
My comments are only my opinion and are not to be used for investment advice.
Please conduct your own due diligence before choosing to buy or sell any stock.
Scroll down for more posts ▼