Hackers are using a new phishing scheme that uses malicious CVs and medical leave form emails to hide COVID-19 malware.
According to Infosecurity's latest report, the employee health situation and evolving jobs market are being taken advantage of by cybercriminals working under the COVID-19 pandemic by disguising malware in different digital forms of emails.
Also Read: [HACKER] Apple's New Bug Lets Hackers Gain Account Control; iOS 'Sign In With Apple' Vulnerability Can Lead to Malicious Acts
Checkpoint discovered the phishing campaigns in the last few days around spoofed medical leave forms and CV emails. With almost 40 million people currently without jobs because of the restrictions caused by the global pandemic, the level of unemployment in the United States remains high.
Also read: [HACKER] New Malware Uses USBs to Steal Data; Microsoft Vulnerabilities Used to Target Devices
The ratio of CV-related malware has doubled over the past two months according to the security vendor which detected all malicious files. Banking Trojan Zloader, which is hidden in malicious .xls files in emails labeled as "applying for a job" or "regarding job," was featured in one of the phishing campaigns. The report stated that the U.S. Family and Medical Leave Act (FMLA) are separately being taken advantage of by different hackers to lure administrative staff into opening attachments with malicious content.
Hackers use malicious medical leave forms and CV emails to deploy COVID-19 malware
According to Infosecurity, Checkpoint reported that the hackers are sending files with names like "COVID-19 FLMA CENTER.doc." using emails with subjects such as "the following is a new Employee Request Form for leave within the FMLA." According to the security vendor, the overall attacks are starting to increase as businesses begin to open again, although the number of COVID-19 malware attacks has reduced by 7% to 158,000 every week in May.
"In March, when the pandemic was at its peak, we saw a 30% decrease in malware attacks compared to January 2020. This was because many countries went into quarantine and most businesses and other organizations were shut as a result, greatly reducing the potential number of targets for attackers," explained Checkpoint.
The report also said that cybercriminals and hackers are ramping up their malicious activities along with the re-opening of businesses as the world is seeing some relief from the pandemic, lifting the quarantine measures and other restrictions. A 16% increase in cyber-attacks was seen in May comparing the period between March and April when the global pandemic was at its peak.
To help people avoid being a victim of the COVID-19 malware, Checkpoint released a guide that can help individuals protect their personal information. Users must be aware of lookalike domains, unfamiliar email senders, and spelling errors in emails or websites.
They must be extra careful when opening a file received via email from unknown senders. An authentic store must always be in mind when ordering goods online. Avoid clicking promotional links and beware of special offers that pop on your screen. Lastly, avoid reusing passwords between different accounts and applications.