We are moving towards the end of the first half of 2021, and the world has already experienced so many cyber attacks this year. Each day, we get updates of cyber threats and data breach faced by the different companies and industries.
Today, we brought the quarterly highlights of some of the important cyber attacks that happened all around the globe.
In the Q1 2021, there seems to be a new banking cyber attack. Generally, for Dutch bank clients it was not a good phase; they have experienced a QR code attack. The digital criminals have sent an email with a QR code to the victims. Once scanned, the users are actually opening up their mobile banking to the hackers. Indeed, it will lead to data leak, or even infect the mobile device.
Moreover, to trap the users, the hackers are sending COVID-19 details in the newsletter email. Specifically, they are alleged to be from MKB bank, and asked to visit the link in the email for Covid-19 details and bank measures. The link was completely fake which redirects users to the Outlook page.
Last year, these offenders exploited the government payout topics, and in Q1 2021, they are scamming people in terms of compensation, by sending emails imitating bank employees. The email links redirects the users to a well-designed web page which contains bank logo and other information. The motive was to get the card information, personal data or any other banking details from the users.
Covid vaccination is a trending topic all around the globe, so for the cyber criminals. In the UK, cyber criminals were found to send emails to people and ask to book their vaccination. The emails seemed to be received from the National Health Service, which was all fraud. In the email, the users were invited to confirm their vaccination, and before completing the registration, they were asked to click the link and participate.
In another attack, elder age group people were targeted by the hackers; it was for people above age 65. In the email, there was a number and asked to contact a clinic to get their vaccination.
In both the above cases, the victims were asked to fill out a registration form with personal data and provide payment details upfront. The website was a hoax, and completion of the details resulted in data breach.
Not only this, the attackers have also stolen people's data using online fake vaccination surveys. Here, the users have received emails from the hackers imitating renowned pharmaceutical companies engaged in producing vaccines for the virus. The email links take the users to a short survey, and also vow to give reward to the survey respondents. Hence, the users are directed to the "gift page" after completing the survey.
To claim the reward, the users need to fill up a form with their details. In addition, it also asks them to pay for the delivery. This is a phisher attack to get their personal information and banking details.
WIth the growing "work from home" culture, employees have become a crucial target for the hackers. People are well aware of the phishing email attacks; thus, hackers find a new way to trap them. These scammers are using respectable email mediums to send malware to their system. For instance, the employees receive the Microsoft Planner notification with a link that redirects them to their monthly office workflow.
Once the employees click on the link, they see a web page which asks for their office email credentials. Generally, this is a malicious page which is created to steal the users' credentials.
This is interesting. We have observed these attacks during the end of last year too. The hackers are sending phishing emails with a low service fee. The less money mentioned in the emails make it less tricky for the users, and many people come into the trap. The intention was simple, that is to target quantity over quality. People received emails for different services such as delivery services, custom clearance, packaging pick up etc.
One email even says "renewal fee for your whatsapp account"; this was insane. If you know that Whatsapp is a free service, and that it does not charge any fee for its regular and even business account. Consequently, these hackers are using every trick to obtain personal information of users, including their card details.
The hackers leave no space to plot a hacking trap. In March, a new kind of cyber attack was observed by educational institutes. The institute receives an email reporting a database hack of its partner company. Moreover, to ensure the hack, they provided a link in the email that displays some of the leaked data, and here is the trick. The link directs to the malware webpage, and spreads into the system. If the school authorities click on the click, they are certainly allowing malware to get into their institution's network.
Another attack is observed using facebook accounts. In this case, users get email from a fake facebook email stating that their account will be suspended. Hence, to prevent the deletion of their account, they need to send a request to facebook using the email link. The aim is to steal facebook credentials of the user using the fake webpage.
The Q1 2021 has shown a decline in spam mail traffic compared to the last quarter of 2020. It counts as 45.67% in Q1 2021, against 47.78% of Q4 2020.
When we checked 2020, we found Germany and Russia on top of outgoing spam mails. Similarly, in 2021 (from Jan to Mar), the respective countries stay at the top.
Top 10 countries by spam are seen as below:
In addition, Kaspersky, cyber security and antivirus solutions reported more than 38 million malicious file attachments in Q1 2021. This is something around 3 million less compared to the last quarter of 2020.
Top 5 countries by malicious mailing:
Top industries attacked:
Hackers are continuing attacking users, tricking them with Covid-19 theme. In addition, as the vaccination has started, these clever offenders can opt any trick to trouble people. They will try their best to keep the emails convincing to attract users and steal their data. In the second quarter 2021, we can continue to observe COVID-19 vaccine scams.
Besides, due to the rising online industries, hackers are actively keeping any eye on web stores and prey on users' online accounts.
Moreover, the attackers may come up with compensation or government schemes related phishing emails to lure people. Also, it is the high-time for employees managing work from home jobs; they are one of the high prospects at this time.
If you get any email for COVID-19 updates or informing any government facility, we strictly advise everyone to visit their official website and apply from there, instead clicking on any email link. Indeed, you can contact the local authorities via phone.
ISOEH is a reputed cyber security firm in India. Our vision is to train people in different cyber security programs so that they can support the digital industry. We offers diverse courses such as ethical hacking, ccna training, app development etc.
Keep following ISOEH bulletins for updated trends and global cyber security news.
Stay safe in 2021!