Hack-for-hire firms targeting financial services, healthcare amid COVID-19 pandemic: Google
Hack-for-hire firms, many of them based in India, are creating accounts spoofing the World Health Organisation (WHO) and targeting business leaders in financial services, consulting, and healthcare corporations in the US, the UK, and Bahrain among other countries amid the COVID-19 pandemic, according to a report by Google.
The tech giant noted that numerous coronavirus-themed attacks had been discovered and confirmed by its teams as the COVID-19 pandemic disrupted people's lives and businesses across the world.
Citing an example of one such form of attack, Google said, "We have seen new activity from 'hack-for-hire' firms, many based in India, that have been creating Gmail accounts spoofing the WHO".
"The accounts have largely targeted business leaders in financial services, consulting, and healthcare corporations within numerous countries, including the US, Slovenia, Canada, India, Bahrain, Cyprus, and the UK," Google said in a recent blogpost.
These e-mails encourage individuals to sign up for direct notifications from the WHO to stay informed of coronavirus-related announcements, and include a link to attacker-hosted websites that bear a strong resemblance to the official WHO website, the blog explained.
The sites typically feature fake login pages that prompt potential victims to give up their Google account credentials, and occasionally encourage individuals to give up other personal information, such as their phone numbers, it added.
Google said its Advanced Protection Program (APP) uses hardware security keys and provides the strongest protections available against phishing and account hijackings to help protect users against these kinds of tracks, and was specifically designed for high-risk accounts.
"Generally, 2020 has been dominated by COVID-19. The pandemic has taken centre stage in people's everyday lives, in the international news media, and in the world of government-backed hacking," the blog said.
Microsoft had also recently highlighted a similar trend. It had stated that cybercrooks were using COVID-19 to make ransomware and phishing attacks, and over 9,000 coronavirus-themed attacks were noticed in India between February 2 and May 2. About 19 million such attacks were noted in Asia.