Update COVID-19 Cybercrime

COVID-19 Update 4/22/2020

During the COVID-19 crisis, our analysts are tracking open-source information sources to keep our followers up to date with COVID-19 Cybercrime. Today’s report:

  • The SBA notified nearly 8,000 business owners of the potential inadvertent disclosure of information, which included names, Social Security numbers, tax identification numbers, addresses, dates of birth, email, phone numbers, marital and citizenship status, household size, income, disclosure inquiry and financial and insurance information, according to a letter sent to business owners, which CNBC obtained.
  • Providers of domain name registration services are under pressure to ensure they are doing all they can to prevent scammers from setting up fake websites to prey on people looking for information related to the COVID-19 pandemic, according to a Dark Reading report.
  • Google’s Threat Analysis Group reported today: Across Google products, we’re seeing bad actors use COVID-related themes to create urgency so that people respond to phishing attacks and scams. Our security systems have detected examples ranging from fake solicitations for charities and NGOs, to messages that try to mimic employer communications to employees working from home, to websites posing as official government pages and public health agencies. Recently, our systems have detected 18 million malware and phishing Gmail messages per day related to COVID-19, in addition to more than 240 million COVID-related daily spam messages. Our machine learning models have evolved to understand and filter these threats, and we continue to block more than 99.9 percent of spam, phishing and malware from reaching our users.

 

We Can Secure Your Remote Infrastructure

IT managers must prioritize cybersecurity as they transition employees to work remotely. This massive shift in operations to a less secure home environment poses significant risks that must be managed.

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Intelligence and Insights

How Merchants Can Become PCI-DSS Certified

Follow These 4 Steps to Achieve PCI DSS Certification

For all organizations that process payment cards, the Payment Card Industry Data Security Standard (PCI-DSS) certification is high up the data security and compliance priority list …
ai in penetration testing

How Will AI Change Penetration Testing?

There’s a strong application of AI in penetration testing on the horizon, but the future of penetration testing will be a hybrid approach of human brain & AI …
Vetoes Cybersecurity “Safe Harbor” Bill

Florida Governor Vetoes Cybersecurity “Safe Harbor” Bill

Florida Governor Ron DeSantis vetoed HB 473, a bill that would have extended “safe harbor” from data breach litigation to businesses compliant with certain industry-recognized cybersecurity standards …