Security consultancy Barracuda has recorded a 667% spike in phishing attacks globally since the start of March as fraudsters attempt to cash in on the Covid-19 outbreak.
Barracuda researchers have been monitoring global phishing activity around Covid-19 since the start of the year, recoding 137 incidents in January, 1,188 in February, rising to 9,116 in March so far, an increase of 66% since the end of February.
Between 1st March and 23rd March 2020, Barracuda Sentinel detected a grand total of 467,825 email attacks globally. Breaking down the data, 9,116 of those detections were related to Covid-19, representing about two percent of attacks.
The attacks use common phishing tactics that are seen regularly, however a growing number of campaigns are using the coronavirus as a lure to try to trick distracted users and capitalise on the fear and uncertainty of their intended victims.
Many of the attacks are disguised as legitimate correspondence from organisations such as the World Health Organisation (WHO) and the National Health Service (NHS), offering help and advice, selling facemask protection and charitable payments to help victims.
Sinister blackmail attempts are also beginning to pop up. For example, researchers saw one attack that claimed to have access to personal information about the victim, know their whereabouts, and threatened to infect the victim and their family with Coronavirus unless a ransom was paid. Barracuda Sentinel detected this particular attack 1,008 times over the span of two days.
Dean Russell MP for Watford and member of the UK Government's Health and Social Care Select Committee comments: “This is a new low for cyber criminals, who are acting like piranha fish, cowardly attacking people on mass when they are at their most vulnerable. It’s vital that the public remain vigilant against scam emails during this challenging time."