Today the word ‘viral’ is at the centre of our lives. Not only because of the pandemic we have been experiencing for the last two years. Information, news, and, of course, cyber attacks are spread at a fast pace. Thanks to these phenomena, speculative phishing, occurs. This phishing takes advantage of the widespread diffusion of an event, and of the emotions it arouses, to deliver its most dangerous attacks.
This is the case with the latest cybercriminal technique. It uses the fear generated from the Omicron variant to spread malware that steals bank data.
According to the Ansa news agency, the e-mail sent to the victims asked them to check on information regarding a shipment. This information is obviously contained in an attached proforma invoice. To catch the victim’s attention, the criminals mention the new regulations that came into effect in response to the Omicron variant, without adding any other details.
The text of the email contains sentences such as: ‘Attached to this message you will find the Proforma invoice. Please note that the government has implemented new regulations to curb the spread of the Omicron Covid 19 variant. Final documents will be sent after confirmation of the attached information.
The attachment actually contains a Trojan virus, which is difficult to detect and allows cyber criminals to easily gain remote access without the victim’s knowledge. This makes it child’s play for cyber criminals to spread other malware, obviously specialised in stealing sensitive information as bank data.
There have also been other phishing campaigns about ‘Omicron’, characterised by a subject line that speaks of: “COVID-19 test result”. In these e-mails, it is stated that the recipient has been exposed to a colleague who tested positive for the Omicron COVID-19 variant, and a document is attached for the recipient to open for further information.
If the victim opens the Excel document, his or her device is infected with malware interested in collecting sensitive data and, of course, bank data.
After all, the more viral a phenomenon is, the more attractive it is to hackers.
These kinds of campaigns are only the latest in Covid-19 speculative phishing. We remember, for instance, the one concerning the Green Pass last summer.
But there were also other themes, for example Black Lives Matter in the summer of 2020 and Greta Thunberg’s green movements.
How to avoid falling into the trap?
The good news is that simply opening an e-mail does not in itself expose us to the risk of fraud or viruses. The problem arises if we decide to download or open the contents of the e-mail.
It is at this point that awareness must take over and one should not follow the instinct to respond immediately.
First you have to assess some basic elements and ask yourself the appropriate questions:
- Was the e-mail expected?
- Are the sentences written with correct grammar? Or are they stylistically ‘strange’?
- Does the software that should be installed have a specific purpose?
- Do any links in the e-mail point to known websites?
- Is the sender correct?
In any case, even if the situation does not seem to arouse too much suspicion, it is always a good idea to avoid providing personal information or access credentials. Never respond with sensitive information to an e-mail, as no bank or charity, for example, would ever ask for this information by message.
How to curb speculative phishing in times of Smart Working
The risk generated by phishing has greatly increased with the spread of Smart Working, which undoubtedly represents an additional element of strong vulnerability.
While it is true that companies can easily control the technical aspects of work security remotely, they cannot have complete control over the human factor. In order to mitigate the risks, it is necessary to act with constant training and an increase in awareness of the risks linked to the digital world.
Investing in Cyber Security Awareness is therefore one of the best choices a company can make for the present and the future.