“Hack-for-hire” firms, many of them based in India, are creating accounts spoofing the World Health Organization (WHO) and targeting business leaders in financial services, consulting, and healthcare corporations in the US, the UK and Bahrain among other countries amid the COVID-19 pandemic, according to a report by Google.
The tech giant said that various coronavirus-themed attacks have been discovered and confirmed by its teams as the COVID-19 pandemic has disrupted people’s lives and businesses across the world. Citing an example of one such form of attack, Google said, “We have seen new activity from ‘hack-for-hire’ firms, many based in India, that have been creating Gmail accounts spoofing the WHO”.
“The accounts have largely targeted business leaders in financial services, consulting, and healthcare corporations within numerous countries including the US, Slovenia, Canada, India, Bahrain, Cyprus, and the UK,” Google said in a recent blog post.
These e-mails persuade individuals to sign up for direct notifications from the WHO to stay informed of coronavirus-related announcements and include a link associated with attacker-hosted websites that bear a strong resemblance to the official WHO website, the blog explained.
These sites mainly contain fake login pages that prompt potential victims to give up their Google account credentials, and sometimes encourage individuals to give up other personal information, such as their phone numbers, it added.
According to Google, its Advanced Protection Program (APP) uses hardware security keys and provides the strongest protections available against phishing and account hijackings to help protect users against these kinds of tracks, and was specifically designed for high-risk accounts.
“Generally, 2020 has been dominated by COVID-19. The pandemic has taken center stage in people’s everyday lives, in the international news media, and in the world of government-backed hacking,” the blog said.
Microsoft had also observed a similar trend. It had stated that cyber-attackers are using COVID-19 to make ransomware and phishing attacks, and over 9,000 coronavirus-themed attacks were noticed in India between February 2 and May 2. About 19 million such attacks were noted in Asia.
By Vivek Badoni
Member, Reporters Committee