- David Goldstein -
192,000 cyberattacks and millions of phishing emails per week plus 90,000 domains as cybercriminals take advantage of COVID-19 pandemic. In the three weeks to 1 May, there were almost 20,000 new coronavirus-related domain names registered with one in six (17%) malicious or suspicious according to the latest update provided by Check Point Software Technologies this week.
There has been a number of organisations including Interpol and Europol warning of fraud related to COVID-19. And it’s not just domain names. Email remains a favourite for criminals with The Verge reporting in mid-April that in one week Google saw more than 18 million daily malware and phishing emails related to COVID-19 scams were sent via Gmail alone plus 240 million daily COVID-19 related spam messages.
With domain names, it’s not just COVID-19 and coronavirus, it’s also everyone’s new favourite the video conferencing software Zoom, which has seen a boom in the current pandemic as people are forced to stay at home. In the three weeks prior to their latest report, which appears to be the three weeks to 1 May, there were around 2,500 new Zoom-related domain names registered (2,449) according to Check Point. 1.5% of these domains were malicious (32) and another 13% suspicious (320). Since January 2020 they report a total of 6,576 Zoom-related domains have been registered globally. And Zoom isn’t the only platform cybercriminals are impersonating – Check Point found both Microsoft Teams and Google Meet have been used to lure victims too.
For coronavirus and COVID-19-related domain names, there have been a number of findings by Check Point including 192,000 coronavirus-related cyberattacks per week, a 30% increase compared to the previous weeks. These involve domain names and files with “covid” or “corona” in their names.
When it comes specifically to domain names, since mid-February Check Point has seen an escalation in the number of coronavirus-related domains being registered. In the previous three weeks there were almost 20,000 (19,749) new coronavirus-related domains registered with 2% of these malicious (354) and another 15% suspicious (2,961).
Since the beginning of the outbreak, a total of 90,284 new corona-related domains have been registered globally.
As the pandemic has evolved around the world, Check Point has observed changes in the domain names being used by cybercriminals. The four stages were: