COVID-19 causes phishing attacks to skyrocket

The COVID-19 outbreak is forcing millions of employees to work from home. This means countless organisations are faced with a unique challenge: how to keep as many business-critical functions running as possible whilst maintaining adequate security.

Phishing attacks have risen an unprecedented 667 percent in the UK compared to February, as malicious actors trick users via fake coronavirus alerts, according to research by Barracuda Networks. Government statistics revealed that 75 percent of large organisations were hacked last year, meaning this enhanced threat is all the more worrying.

Barracuda’s Threat Spotlight research team have seen three main types of phishing attacks using coronavirus COVID-19 themes: scamming, brand impersonation and business email compromise (BEC). 

Authentication platform Veridium argues that COVID-19 is the largest-ever cyber security threat of recent times. While it has shone a light on technology, forcing enterprises to innovate, others are placing their business at risk by taking shortcuts on security measures.

“What makes this situation so difficult are the timeframes,” said James Stickland, CEO of Veridium. ”Where typical changes of this scale are planned, researched, deployed and tested over months and even years, the UK now has just weeks to overcome some very real problems.”

”These circumstances, albeit challenging and worrying, indeed present a long term opportunity for businesses to reassess their security strategies. Many companies are facing increasing scrutiny over their identity verification requirements, particularly video conferencing tools which have exploded in popularity.”

”At this current time, invoking business continuity must be prioritised – ensuring clients are serviced and secure authentication for remote employees is provided.”

Resetting passwords while working from home is a crucial challenge for employees. This is the weakest link in the security trail, with poor password hygiene responsible for over 80 per cent of data breaches, according to Veridium.

“Software based authentication that can be delivered remotely will be key to improving cybersecurity for home workers,” said Stickland. ”Authentication measures that require passwords or PINs put pressure on already inundated or unavailable IT helpdesks through resets.”

“The way the world works will change after this – individuals and businesses will rethink their priorities,” he added. “Flexible working will be more accepted, security will matter more, and relationships will matter more. In the same way it takes a cyber-breach to invest in improving security, this pandemic will make a number of businesses overhaul their remote working strategies. It will be very interesting to see how the business and security world will change.”