The global COVID-19 pandemic has led to a dramatic increase in remote work and online activity, with many people spending more time online due to restrictions, fear, and uncertainty. Unfortunately, as people become more dependent on the internet for work and social interaction, cybercriminals are taking advantage of the situation to launch more sophisticated and convincing attacks.
In late 2020, Jürgen Stock, INTERPOL secretary-general, issued a warning about the alarming pace at which cybercriminals are developing and boosting their attacks. The fear and uncertainty caused by the pandemic have created an ideal environment for cybercriminals to exploit, and many businesses and individuals are not adequately ensuring their cyber defenses are up to date.
One of the most common and concerning forms of cybercrime is phishing. Cybercriminals are becoming increasingly adept at creating highly convincing and tailored phishing schemes. These campaigns often use fake social media profiles and other tactics to lure victims into clicking on malicious links or providing sensitive information. Forrester Research analysts have noted that phishers are now combining voicemail and text to attack victims, making their fraudulent requests appear more legitimate and urgent.
The dangers of phishing were showcased in a case involving an employee at Allegheny Health Network who fell victim to a phishing email and had their email account compromised. The attacker was able to access confidential files for over 8,000 patients, including sensitive information such as financial account data and Social Security numbers.
In addition to phishing, reported losses from crypto-investment schemes have also surged, going from about $100,000 in 2020 to over $2.5 billion in 2022. Victims are often enticed into joining online crypto-liquidity-mining schemes, only to have their cryptocurrency holdings drained by scammers.
One victim was induced to part with $22,000 after being drawn into a flirtatious chat through an online dating app and steered towards a fake mining scheme. Security experts warn that cybercriminals are increasingly using advanced techniques, such as generative AI, to craft convincing messages and lure victims into their scams.
To protect themselves against cybercrimes, the FBI recommends that businesses and individuals take several steps, including updating operating systems and software, training users about phishing threats, and keeping offline backups of data. Users should also be cautious about clicking on links in emails or text messages and verify the legitimacy of websites before entering sensitive information.
Despite the prevalence of cybercrimes, the true number of victims is likely much higher than reported, with many crimes going unreported due to a combination of embarrassment and the perception that law enforcement will not act. Observers estimate that the actual number of cybercrime victims is significantly underreported.
Overall, the increase in remote work and online activity during the COVID-19 pandemic has created significant opportunities for cybercriminals to exploit the fear and uncertainty of the global health crisis. As cybercrimes become more sophisticated and convincing, it is essential for individuals and businesses to take proactive steps to protect themselves against potential attacks.