An overload of COVID-19 communication sets the perfect scene for malicious actors, says a UNSW cybersecurity expert.
With a full lockdown looming, working remotely is expected to be the new norm for many professionals. But for many organisations, working outside a secure office environment could lead to vulnerabilities in the maintenance of IT systems that cyber criminals can exploit.
“While the world is grinding to a halt, cyber-attacks are on the rise, preying on public fear and anxiety,” says Yenni Tim, researcher of Cybersecurity at the UNSW Business School.
As the number of COVID-19 victims increased throughout the month of March, so did the number of phishing email attacks. Between 10 and 26 March, the Australian Cyber Security Centre (ACSC) received more than 45 cybercrime and cyber security incident reports from individuals and businesses. All 45 cases were linked to COVID-19 themed scams and phishing activity.
The ACSC reported that many of those phishing emails were sophisticated and contained malicious links to fake websites that automatically installed viruses on the user’s devices once opened. In doing so, cyber criminals have the ability to steal the user’s financial and personal information.
Anxiety and fear fuelling the rise in phishing attacks
In times of crisis, opportunistic malicious actors aim to exploit our vulnerabilities, Dr Tim says.
“Being able to quickly identify common patterns in phishing emails is very important because the health crisis has triggered anxiety and fear in our nation – emotions that malicious actors are always taking advantage of,” she says.
Cyber criminals feed off the fear of individuals, especially during current uncertain times where people are more likely to act irrationally and will do anything to get
