Incidents of cyber crime grow during coronavirus crisis

The coronavirus crisis has led to a boom in remote working but there is growing concern that cyber criminals are trying to capitalise on increased use of emails and internet devices. In response the National Cyber Security Centre (NCSC), a part of GCHQ, has  launched its ‘Cyber Aware’ campaign to help to mitigate threats of increases in cyber crime.

The cross-governmental ‘Cyber Aware’ campaign offers actionable advice for people to protect passwords, accounts and devices. In addition to the broader campaign NCSC has published specific advice for personal and professional use of video conferencing services.

The majority of cybersecurity breaches result from human mistakes. Currently the volume of coronavirus-related phishing emails, that lure unsuspecting recipients into a potential  attack, has risen to unprecedented levels.

Leading cybersecurity specialists Proofpoint say this represents the greatest collection of attack types—united by a single theme—that their team has seen in years, if not ever.

Sherrod DeGrippo, Senior Director of Threat Research and Detection at Proofpoint, said:  “The coronavirus-themed messages we’ve observed are truly social engineering at scale and each is carefully crafted to convince potential victims to click a malicious link, complete a fraudulent payment, or download malicious attachments.

“For more than five weeks our threat research team has observed numerous coronavirus malicious email campaigns with many using fear to try and convince potential victims to click. Criminals have sent waves of emails that have ranged from a dozen to over 200,000 at a time, and the number of campaigns is trending upwards.

“We have currently seen more than 100 different campaigns and over 400,000 emails sent. Initially we were seeing about one campaign a day worldwide, we’re now observing 3-4 each day across several languages, including English, French, Italian, Japanese, and Turkish. This increase underscores just how appealing global news can be for cybercriminals.

“While we are unable to specify exactly how many of these emails have targeted U.K. users, we have seen a high level of English-language campaigns, using the Coronavirus to gauge the attention of and trick recipients.”

The NCSC has also launched the pioneering ‘Suspicious Email Reporting Service’, which will make it easy for people to forward suspicious emails to the NCSC – including those claiming to offer services related to coronavirus.

This will build on NCSC’s existing takedown services, which have already removed more than 2,000 online scams related to coronavirus in the last month, including;

• 471 fake online shops selling fraudulent coronavirus related items
• 555 malware distribution sites set up to cause significant damage to any visitors
• 200 phishing sites seeking personal information such as passwords or credit card details
• 832 advance-fee frauds where a large sum of money is promised in return for a set-up payment

NCSC Chief Executive Officer Ciaran Martin said: “Technology is helping us cope with the coronavirus crisis and will play a role helping us out of it – but that means cyber security is more important than ever.

“With greater use of technology, there are different ways attackers can harm all of us. But everyone can help to stop them by following the guidance campaign we have launched today. But even with the best security in place, some attacks will still get through.

“That’s why we have created a new national reporting service for suspicious emails – and if they link to malicious content, it will be taken down or blocked. By forward messages to us, you will be protecting the UK from email scams and cyber crime.”

Minister for Security James Brokenshire said: “Criminals are seeking to exploit our greater use of emails, video conferencing and other technologies for their advantage.

“I encourage everyone to follow the Cyber Aware advice and to use the Suspicious Email Reporting Service. They provide important new ways in which we can protect ourselves as well as our families and businesses.”

The NCSC’s new guidance on the secure use of video conferencing services builds on a raft of advice published on www.ncsc.gov.uk since the coronavirus outbreak started.

With many people in the UK trying video conferencing for the first time, the advice includes top tips on securely installing the app, creating a strong password and tracking who is joining the chat.

The NCSC also recommends that you do not make meetings public, connect only to people through your contacts or address book – and to never post the link or password publicly.

The Cyber Aware campaign urges people to protect their data passwords, the accounts they protect and the devices they use to access them.

The campaign encourages people to ‘Stay home. Stay Connected. Stay Cyber Aware’, and its top tips for staying secure online are;

1. Turn on two-factor authentication for important accounts
2. Protect important accounts using a password of three random words
3. Create a separate password that you only use for your main email account
4. Update the software and apps on your devices regularly (ideally set to ‘automatically update’)
5. Save your passwords in your browser
6. To protect yourself from being held to ransom, back up important data

This Suspicious Email Reporting Service has been co-developed with the City of London Police. By forwarding any dubious emails – including those claiming to offer support related to COVID-19 – to report@phishing.gov.uk, the NCSC’s automated programme will immediately test the validity of the site. Any sites found to be phishing scams will be removed immediately.