Since the beginning of the COVID-19 pandemic, governments have put their countries into lockdowns – forcing businesses to adapt and work remotely. This sudden surge in internet usage has also seen a large increase in cyber-attacks, according to Mimecast’s 2020 state of email security report. The report showed that 61% of companies suffered from a ransomware attack, a 64% increase in email threats and a total of 79% of organizations were negatively affected due to their lack of cyber preparedness.
In order to help defend against cyberattacks, we will outline some of the most common attacks that have occurred during the COVID-19 pandemic to ensure that you can better detect and mitigate these threats:
Phishing attacks occur when an attacker sends out a mass email to many different recipients trying to convince them that they are from a trustworthy source or that they represent an official company. Attackers do this in the hopes that a few victims fall into the trap and then divulge confidential information or are convinced to follow tasks outlined by the attacker such as installing malicious software on their systems that the attack can then utilize.
A spear-phishing attack is very similar to a phishing attack but instead of targeting a large audience, it targets specific individuals and is personalised to each attack. Though this method has a lot smaller reach, it has a much higher success rate due to the attackers doing research on their target and digging up information that can be found outline to make them sound more convincing.
A smishing attack comes in the form of an SMS message, where the attacker will try and convince the victim to click a link which would then unknowingly download malicious software onto the target’s mobile device. This software will then grant the attacker access to personal and confidential information.
Vishing or “voice-phishing” is the most unique of these attacks as instead of emails or messages, it instead involves the attacker conducting their attack over a voice call with the victim. Those conducting vishing will often impersonate a representative of an official company and elicit confidential information to be shared over the phone call which the attack can then use.
With a better understanding of the most common types of cyberattacks, we hope that you can now better defend yourself against them.