Font Size: A A A

Case Studies

Coronavirus: email phishing attacks

The UK’s official National Cyber Security Centre (NCSC) has launched a ‘Suspicious Email Reporting Service’, for people to forward suspicious emails to the NCSC – including those claiming to offer services related to coronavirus. The NCSC’s takedown services have already removed more than 2,000 online scams related to coronavirus in the last month. That’s including;

– 471 fake online shops selling fraudulent coronavirus related items;
– 555 malware distribution sites set up to cause significant damage to any visitors;
– 200 phishing sites seeking personal information such as passwords or credit card details; and
– 832 advance-fee frauds where a large sum of money is promised in return for a set-up payment.

NCSC Chief Executive Officer Ciaran Martin said: “Technology is helping us cope with the coronavirus crisis and will play a role helping us out of it – but that means cyber security is more important than ever. With greater use of technology, there are different ways attackers can harm all of us. But everyone can help to stop them by following the guidance campaign we have launched today. But even with the best security in place, some attacks will still get through.

“That’s why we have created a new national reporting service for suspicious emails – and if they link to malicious content, it will be taken down or blocked. By forward messages to us, you will be protecting the UK from email scams and cyber crime.”

The NCSC has published advice for personal and professional use of video conferencing services, and tips on setting up accounts, arranging a chat and protecting your device.

If you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS):


The use of Covid-19 as a lure does not appear to show any sign of slowing down, said Raj Samani, Chief Scientist at cyber firm McAfee. “With a larger proportion of the workforce now working from home, previously inaccessible information assets will need to be more available for remote access and use. If employees access corporate networks from pre-infected unmanaged machines without adequate security measures, it creates a much larger attack surface for cybercriminals and increases the risk of an organisation falling victim to a potential breach or ransomware lockdown. Subsequently, enhanced security measures will be necessary to ensure that information is only made available to those with a clear need to know. For example, strong authentication, data encryption and VPN access will all be vital, as well as collaboration and shared responsibility across the cybersecurity industry to detect and tackle threats.

“There are numerous ways that organisations and individuals can protect themselves online. Just like we are all fighting to flatten the Covid-19 curve through social isolation and washing our hands more often, we should aim to reduce the cyber-attack surface of our organisations by having proper cybersecurity hygiene in place, such as using multi-factor authentication, VPNs, and robust end-point security software.”

Chris Ross, SVP at cyber firm Barracuda Networks says: “The surge in Coronavirus-related email phishing attacks since the crisis worsened has been dramatic, with our own research showing a 667 per cent rise in scams since the beginning of March. These emails are increasingly sophisticated, using official logos and collateral from organisations like HMRC and the NHS to trick unsuspecting victims into handing over personal data and financial information.

“Phishing attacks are always a concern for businesses, but during these difficult times, cyber criminals are putting more time and effort into the quality of these emails, so to the untrained eye they look almost completely legitimate. Aimed at the right remote-worker – as yet unaware of how to spot suspicious content, or behave safely on the internet – a successful breach of this nature spells disaster for a victim or their company.

“Tackling this issue does require a concerted effort from all those who have effected, and it’s great to see that influential public sector bodies, such as GCHQ and NCSC, have already begun to coordinate this effort. With companies working in collaboration, as a community, to ensure the necessary email security systems are in place and raise awareness of as many sophisticated email attacks in circulation as possible.”

According to the remote user access cyber product company CyberArk, 60pc of organisations cite external attacks, such as phishing, as one of the greatest security risks facing their organisation, ahead of other popular techniques such as ransomware. Rich Turner, SVP EMEA at CyberArk says: “That’s because cyber attackers continue seek the path of least resistance, and for many organisations, this remains their employees. Well-crafted phishing emails – especially those that play on the fears of individuals – can often do the trick. Attackers typically use these tactics to gain a foothold within organisations that then allow them access to privileged credentials – those that give control over sensitive data or critical systems.”


Related News