The Covid-19 coronavirus pandemic has forced much of the world to adapt to a new way of life – and for cybercriminals it is no different. According to cybersecurity firm Proofpoint, 80% of scams, hacks and cyberattacks are now coronavirus-themed.

Since the security firm began monitoring for coronavirus scams on 29 January, it has observed over 500,000 messages, 300,000 malicious URLs and 200,000 malicious attachments with coronavirus themes.

And as the virus has spread, the volume of coronavirus scams has exploded.

“Coronavirus-related threat volumes continue to be high, attacks are broad in both nature and scope, and the threat actors behind these attacks are wide and varied,” the Proofpoint report notes. “Most importantly, these campaigns continue to grow, literally by the minute.”

In one credential phishing campaign a scammer pretending to be Microsoft Customer Support asks recipients to download a malicious attachment to “follow the company’s new protocol” in light of an employee testing positive for the virus.

Proofpoint also says infamous threat groups, such as TA542 – the gang behind banking trojan Emotet – and APT36 have pivoted to coronavirus themed cyberattacks.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

A number of other security firms have seen similar trends during the pandemic. Finnish security company F-Secure has witnessed a “significant amount” of protective mask scams. The banking industry has warned of a rise in smishing scams, in which criminals exploit pandemic fears with text messages impersonating financial institutions.

Combating coronavirus-themed scams

In response to the sharp rise in coronavirus-themed attacks, thousands of people in the cybersecurity community have pooled their knowledge and resources into analysing threats and providing advice to health agencies, businesses and consumers.

Some security companies, such as Coveware and Emsisoft, are offering free ransomware decryption tools to healthcare providers.

Cybersecurity company Bitdefender, which observed a 475% increase in coronavirus-related cyber threats, has offered free enterprise-grade security solutions to all healthcare organisations worldwide.

Ed Bishop, chief technology officer at cybersecurity firm Tessian, says that employees working from home during the pandemic should be “even more vigilant when it comes to phishing attacks”.

“Hackers love emergencies and times of uncertainty, because people are scared, distracted, and vulnerable. This makes them ideal targets,” he said.

For more advice on staying safe online during the pandemic check out our top ten tips from cybersecurity experts.


Read more: Coronavirus: Concerns raised about Zoom’s security