Received an email from an unknown source on Covid-19? Beware! It could be a hacker trying to enter your system.

While people are busy protecting themselves from the coronavirus, cyber criminals are unleashing viruses to intrude into computers, laptops and mobiles, cashing in on the pandemic.

With lakhs of people working from home (WFH) — where IT security tends to be more compromised than at workplaces — cyber prowlers scout for the right opportunity to breach firewalls to steal valuable data as well as money from bank accounts.

Real-world telemetry data from K7 Labs of the Chennai-based K7 Computing reveal that from February 2 to March 25, there was a 30 per cent increase in cyber-attacks with 1,756 blocked malicious instances using the Covid-19 theme. Between March 23 and April 9, the average daily number of blocked events increased by about 260 per cent, said J Kesavardhanan, founder and CEO of K7 Computing.

The cyber security industry is working to mitigate threats to key infrastructure and systems that are crucial to the battle against the pandemic, he added.

Range of attacks

These attacks are targeted mainly at institutions, and range from simple phishing attacks to viruses and malicious Android apps, including mobile banking Trojans. In these difficult times, even healthcare systems have not been spared, said Kesavardhanan, adding: “Most worrying is the increase in ransomware attacks that target critical healthcare systems.”

Himanshu Dubey, Director, Quick Heal Security Labs, said that due to Covid-19, most companies are suddenly forced to practise WFH. This has opened the doors for cybersecurity attackers and increased the possibility of a significant spike in hacks and breaches targeting businesses, he added.

The pandemic represents prime time for hackers to launch attacks using targeted coronavirus-themed spam emails, he said. These include malware attacks disguised as sensationalised Covid news and charity pleas; Covid-themed phishing emails impersonating centres for disease control and prevention, and a global email phishing scam carrying the logo of the WHO, he added.

As customers self-isolate, there has been an evident growth in online payments. The shift has created a perfect breeding ground for innovative fraudsters, said Sankarnarayan Lakshmanan, Chief Information Officer, FSS Pvt Ltd, a payment solutions provider.

Interpol’s warning

The Interpol has warned of growing financial fraud attacks linked to the pandemic and has identified some 30 Covid-related fraud scam cases with links to Asia and Europe. This has led to the blocking of 18 bank accounts and freezing of over $730,000 in suspected fraudulent transactions.

R Vittal Raj, an expert in cyber security, said hackers are mainly targeting gullible victims to exploit their anxiety, stress and curiosity over Covid, and security-agnostic users by using phishing attacks, malicious links, social media posts, fake sites, fake government notifications and with fake helpline numbers.

For most white collar employees in India, other than in the IT/ITeS sector, WFH does not come naturally. Their systems are hence fraught with the dangers of insecure/unprotected personal endpoints/internet connections, with most running outdated vulnerable operating systems, he added.