In addition to being a global healthcare catastrophe, the ongoing coronavirus COVID-19 outbreak is causing damage to digital infrastructure in the ever-connected cyber world. Unfortunately, hackers continue to use the situation to their advantage by all means. As we are writing, cybercriminals are using the coronavirus fear among people to turn the tide in their favor.
Coronavirus-themed phishing attacks on the rise
Experts continue to witness a rise in coronavirus-themed phishing and malware attacks. Recently, we explained how hackers are sending out fake, malicious emails in the pretext of coronavirus related information, aiming to lure victims into the trap.
In reality, the attached Word document consists of a Visual Basic for Applications (VBA) script as a macro. This script drops a malicious payload that ultimately delivers malware. Recently, hackers were caught using a similar technique in order to install Trickbot and Emotet malware into the victim’s computer.
Microsoft acknowledges 91% of these attacks start with email. What’s more, hackers use a dubious Microsoft Word document attachment that installs malware payload on the victim’s computer. Now, Microsoft is cracking down on bad actors to stop the spread of coronavirus-themed phishing attacks. In a recent blog post, Microsoft wrote:
“First, 91 percent of all cyberattacks start with email. That’s why the first line of defense is doing everything we can to block malicious emails from reaching you in the first place. A multi-layered defense system that includes machine learning, detonation, and signal-sharing is key in our ability to quickly find and shut down email attacks.”
In its fight against coronavirus-themed phishing attacks, Microsoft says that it uses various mechanisms to detect a malicious email, URL, or attachment. If it detects a malicious activity taking place in the form of a suspicious URL or email attachment, the company says it blocks the message so that it doesn’t appear in your inbox.
Microsoft uses machine learning and anomaly analyzers to detect malicious behavior. It also uses human security analysts to evaluate user-submitted reports of suspicious emails. The company further shares threat insights with Microsoft Defender Advanced Threat Protection (ATP).
Microsoft wrote about a recent example of a spear-phishing attack where the campaign did not last more than 30 minutes. However, users are advised to take precautions and be extra careful about email attachments. Microsoft has also recommended users to pay attention to some of the obvious cues like spelling mistakes, bad grammar, suspicious URLs and email attachments.