Cybercriminals are often one step ahead of everyone else. They take advantage of popular events and social trends to commit their outrages. In the last two days, two waves of cyberattacks have been detected taking advantage of the crisis coronavirus Covid-19. One of them affects the users of the messaging application WhatsApp.
An investigation by the security firm Panda has discovered an exponential increase in the last 48 hours of cyberattacks that take advantage of moments of uncertainty to try to steal personal data from users. One of the waves detected uses “relatively obsolete” techniques – experts say – to hijack the computer equipment of small companies and freelancers through emails. The second tries to steal personal and banking data from ordinary citizens through deceptions perpetrated from WhatsApp.
Experts acknowledge that cybercriminals employ well-known techniques that, despite everything, remain effective against victims. Instead of using sophisticated methods, they have multiplied the number of emails sent with malware to corporate email addresses. “Perhaps for this reason, it is easier to fall into their traps,” he says in a statement. Herve Lambert, head of operations at Panda Security.
The severity of this wave is due to the fact that fraudulent emails deal with defaults and debts. These are two issues that generate great pressure on the self-employed group, since many face financial difficulties derived from the coronavirus crisis. The investigation shows that most of the messages sent are “phishing” or identity theft emails with which, supposedly, there is a default, putting the recipients on alert. «Cybercriminals are aware that SMEs are being one of the sectors that is suffering the most the economic consequences of the coronavirus crisis, as many are facing a serious liquidity problem right now, “he adds.
The report emphasizes that there have been “thousands of emails aimed at scamming SMEs and freelancers” threatening them with the suspension of hosting services from the website and your business email. The technique, although classic, is still effective: the emails that have been detected in this wave of “phishing” are impersonated by the “webmaster” of the company in question and bear the subject “Your account suspension due to excessive spam.”
The message indicates that you have to click on a link to solve a problem. Once the website is accessed, the criminals ask their victims all their personal and banking data, leaving “sold” to the recipients. “It is important to take all possible precautions during the days of confinement, because cybercriminals are taking advantage of the anguish of millions of people, to make an execrable August at the cost of the coronavirus,” recognizes Lambert.
Another technique that has grown recently during the pandemic is the sending of “malware” through applications such as WhatsApp, the most widely used messaging service in Spain. Thus, experts assure that cybercriminals send indiscriminate emails inviting users to download “apps”, mostly for Android devices, which supposedly serve to monitor the coronavirus.
These are “apps”, supposedly developed by a large bank whose supposed value for the user is a map in real time with the evolution of the disease and its affected. However, when you download the «app», a file of malicious code («malware») is installed on your mobile or tablet that «jeopardizes your entire security».
In turn, experts acknowledge that a high number of accesses are also occurring to a “phishing” website in which the identity of Netflix is impersonated to steal personal and banking data. Specifically, cybercriminals use a link that is being spread by WhatsApp in which the video streaming platform supposedly gives away a free subscription to help families better cope with the confinement caused by Covid-19.