Source: asiainsurancereview.com

According to Check Point Software, there have been over 4,000 coronavirus-related domains registered globally since January 2020.

Since the end of February 2020, Checkpoint has noticed a huge increase in the number of domains registered – the average number of new domains is almost 10 times more than the average number found in previous weeks. Of these domains, 0.8% were found to be malicious (93 websites), and another 19% were found to be suspicious (more than 2,200 websites).

Coronavirus-related domains are 50% more likely to be malicious than other domains registered at the same period, and also higher than recent seasonal themes such as Valentine’s Day.

Many of the domains are likely to be used for phishing. For example, a widespread targeted coronavirus-themed phishing campaign was recently spotted targeting Italian organisations, hitting over 10% of all organisations in Italy with the aim of exploiting concerns over the growing cluster of infections in the country. Posing as an official from the World Health Organization sharing information on safety precautions during the crisis in an attached document, the e-mail facilitates a Trojan download.

Further, hackers are also using the crisis to promote their malware in special sales, offering ‘COVID-19’ or ‘coronavirus’ as discount codes to amateur cyber attackers. There are also hackers offering online sales of premium goods to average citizens, such as offering a MacBook Air for $390 as a ‘coronavirus special offer’. This is a thinly veiled attempt to inject malware into unsuspecting users’ systems.

Checkpoint’s advice to maintain cyber hygiene during this period is the same as it always has been: To be cautious with emails and files received from unrecognised senders; to order goods and services from authentic sources and retailers; and to be aware of ‘special’ offers which sound too good to be true. “At this point of time there is no cure for the coronavirus and even if there was, it definitely would not be offered to you via an email,” said Checkpoint.