Situational Awareness – Coronavirus Scam Highlights

With cybersecurity firm Zscaler reporting a near 30,000 percent increase in COVID-19 themed attacks since January, there is no shortage of scams to report. In the weekly COVID-19 Scam Roundup, Tripwire covers CoronaLocker malware, a fake website purporting to be the United Kingdom’s National Health Service (NHS), numerous product scams on the dark web, and Microsoft analysis indicating TrickBot is the leading payload in coronavirus-related attack campaigns. As if Zoom hasn’t had enough to deal with lately, miscreants are using Zoom’s likeness in a phishing campaign purporting to come from HR departments with a request to join a Zoom meeting immediately. When the fake meeting link is clicked, victims are directed to a phony Zoom webpage to login with their corporate email and password. While Zoom has taken the bulk of scrutiny and impersonation among virtual conferencing platforms, this theme can be successfully used for any/all teleconferencing vendors. That said, the surge in use of virtual meetings has forced all platforms to address and improve their security posture.