If it looks phishy, dont click. COVID-19 is spawning lots of online scams.


Militias hacking. Activity is way up over the past couple of months a report this month from Google found that twelve groups with ties to foreign governments are using content related to covert nineteen to create phishing emails. That try to trick people into turning over personal information or clicking leaks that can install malware hackers commonly used major events news headlines and disasters to try to trick people into making bad decisions so they can compromise their computers and unfortunately right now the cove in nineteen pandemic provides them with a whole lot of beat lily. Hey Newman is a senior writer at wired. Who wrote about the Google report? Google found that state-sponsored hackers from countries around the world are using kind of the cover of the pandemic to mount their attacks. So it's important to note because while there have been a a lot of different types of attacks coming from everywhere as a result of this from criminals from scammers. There was an idea that nation state hackers government-backed hackers might be taking advantage of this as well and Google's report shows that that's the case the what does that look like specifically as it mostly phishing attacks that might be aimed at people who work in corporations or sensitive infrastructure. Right exactly so in one case Google saw a campaign targeting. Us government workers but on their personal email accounts with phishing emails. That were trying to steal those google log in credentials and they were emails that pretended to be from fast food. Companies with coupons. You know you know. They're targeting government workers. But it's your personal account. It's about food. It's you know it feels so totally removed from the types of things people might be looking out for that you can see how it's sort of a clever way to try to take advantage of this right. Have we seen any results from this? I feel like I saw that. I mean certainly. There were zoom emails and passwords for sale. But I feel like I also saw maybe. Who or the Bill Gates Foundation had been targeted right? There have been a number of high profile attacks coming to light so far people are sort of mostly saying either. It doesn't seem that the attacks were successful. Were that not confirmed you know. They're not sure. Basically researchers really cautioned that. It's likely that it's happening. That nation state attackers again from countries around the world mad they are successfully grabbing credentials. And trying to just sort of lay low so just because we haven't heard about the bombshell yet doesn't mean it's not happening right. And what is kind of the worst case scenario here? I mean do you think. Cyber security officials are worried about nine eleven style. Cyberattack attack in the midst of what is already a pretty destabilizing event. It certainly is possible. If you know that someone could mount disruptive offensive cyber security attack like that you know the bigger issue with this specifically is the idea that It's just a fertile time for a huge amount of intelligence gathering so so I think those are the worst case scenario concerns right now and then tell us what it is about this moment that makes us more vulnerable to these phishing. Attempts is it. You know the combination of clever appeals in phishing emails. And just our general destructiveness. I definitely think that's a lot of it. The pandemic just provides so much great fodder and when I say great. I mean problematic chorus because I you know it just goes on and on. It's like you have a people's home living situation being different. Maybe you know they go to the store to get groceries or trying to find toilet paper like all these you know. Acts of daily living are now different but then also their job is different. Or maybe they're out of work or they're in China seek government assistance sore just so many aspects of our daily lives are altered are impacted by the situation that it creates a lot of fodder for all the different types of Guy. You know masquerading emails. You could write pretending to be related to any of those things. It would be more likely to come across as genuine because people are scared. Concern Seeking Information. All feelings of a sense of urgency. That make it more likely that phishing attacks will be successful and then combined with that a you know a lot of people are working from home they're using VPN's their companies are seeing all this remote traffic on their networks and that's now expected because all their workers are remote. But what if someone else's remote you know who isn't supposed to be there? It's a lot easier to hide in that traffic because it it all looks the same so a lot of types of concerns coming out of these conditions lily. Hey Newman is a senior writer. At wired

Coming up next