72% of cyberattacks related to COVID-19 coming via fake emails

72% of cyberattacks related to COVID-19 coming via fake emails
New Delhi, As cyberattacks grow in magnitude globally including in India, cyber criminals now prefer to use Covid-19 in scamming attacks that focus on fake cures and donations, compromising email accounts in Indian organisations.

In fact, 72% of Covid-19-related attacks today are scamming or spear-phishing which is the fraudulent practice of sending emails ostensibly from a known or trusted sender in order to induce targeted individuals to reveal confidential information.

In comparison, 36% of overall attacks were found coming from scammers.

"Nearly 13 per cent of all spear-phishing attacks come from internally compromised accounts, so organisations need to invest in protecting their internal email traffic as much as they do in protecting from external senders," according to the report from cloud-enabled security solutions provider Barracuda Networks.

Business email compromise (BEC) attacks are increasing as cybercriminals see how lucrative this type of attack can be. Attackers' exploitation of fears around the COVID-19 pandemic shows how quickly they can adapt to current events.

"A massive 71% of spear-phishing attacks include malicious URLs, but only 30% of BEC attacks included a link," the findings showed.


"Hackers using BEC want to establish trust with their victims and expect a reply to their email, and the lack of a URL makes it harder to detect the attack".

According to Murali Urs, Country Manager (India), Barracuda Networks, cybercriminals adapt very quickly when they find a new tactic or current event that they can exploit.

"Their response to the Covid-19 pandemic proved it too well. The organisations in India today are facing increasing threats from highly-targeted phishing attacks," he said.

Hackers are using multiple tactics to disguise malicious links and avoid detection by URL protection solutions.

The report took an in-depth look at new tricks being used to successfully execute attacks -- spear phishing, business email compromise, pandemic-related scams, and other types.

"Business email compromise (BEC) makes up 12% of the spear-phishing attacks analysed, an increase from 7% in 2019," the report said.

"The organisation must invest in technology to block attacks and provide training to help people act as a last line of defense and avoid falling victim to scammers' latest tricks," said Urs.

If investigators find Wistron management guilty, here's what is at stake for the company
Antony Waste Handling Cell ₹300-crore IPO will open on Monday— these are the risks and opportunities
INTERVIEW: Ikea CFO says she still has ₹3,500 crore to be spent in India⁠— the pandemic has changed targets but not the investment plan