Studies find more fraudsters using pandemic to steal
As the pandemic forced more consumers and more businesses to go digital for everything from buying groceries to attending virtual business meetings, it also pushed more fraudsters online. API vulnerabilities continue to be an issue for brands, but according to two new reports there is significant risk to both businesses and consumers in the digital space from fraudsters and cybercriminals who are using the COVID-19 pandemic to steal data, money, and other information.
Businesses at great cyber risk because of pandemic
According to new data 9 in 10 UK businesses are at risk of cyberattack because of issues within their IT systems as cybercriminals increase their focus on the digital space. Researchers with Check Point Research found a 50% weekly increase in global cyberattacks (2021 vs. 2020).
“What is particularly surprising is that it is not just the cybersecurity practices of IT teams and those working from home that need to be reinforced and prioritised, but also data compliance. How and where organisations store data is often as or more important than the walls of security we put this data behind – as failure to do so risks not criminal damage, but certified monetary and reputational loss,” said Erik Sonnerskog, Head Engineer, zsah. “The rush to digitise to support workers who could only work from home and the fact that smaller and smaller businesses…has increased the number of operations and data held online – potentially without the right protections.”
Fines another trouble spot for some businesses
If the risk to their data weren’t already putting many executives on edge, researchers with Konica Minolta report that most UK businesses (90%) are at risk of heavy fines because of weaknesses within their IT and data management systems. Because of the EU’s high GDPR laws businesses found to not have good security could face heavy fines, in addition to losses faced should cybercriminals succeed in their attacks.
According to Sonnerskog rather than continue to struggle and potentially leave themselves vulnerable to attack and/or fines, businesses should consult with IT experts to better manage their digital footprint.
Fraudsters target COVID-19 pandemic
It isn’t only businesses at risk from cybercriminals as we head deeper into 2022.
“As we continue to deal with the uncertainties of COVID-19, one thing remains constant; cybercriminals have no issue capitalizing on society’s chaos. Similar to the resurgence of COVID variants, evolving tactics and trends such as exploiting the scarcity of tests may continue to grow alike,” said Fleming Shi, CTO, Barracuda Networks. “In order to remain vigilant, we can work together to resolve this issue by increasing employee/customer phishing awareness training and utilizing advanced threat email security.”
According to Barracuda’s new report phishing attacks using the COVID-19 pandemic have skyrocketed more than 650% YoY as new variants, vaccine roll-outs, and testing options have continued to roll out. Researchers further found:
- 521% increase in COVID test-related scams between October 2021 and January 2022
- COVID scams are targeting both individuals and businesses through malicious links and phishing attacks
Some of the malicious emails offer to sell COVID tests to unsuspecting consumers, then stealing their personal information or using that information to steal money. Others have targeted consumers by sending fake notifications of unpaid COVID testing, prompting the recipient to enter their digital wallet information, allowing the fraudsters to steal their money.