COVID-19 Statistics and Highlighted Information

 

March 17, 2020 Digital Exploitation Highlights

  • FBI issues public alert for malicious websites and apps, deception involving #COVID19 cases

  • Alert comes one day after a cyber-attack on the US Department of Health and Human Services

  • Large internet companies issue joint statement aimed to curb misinformation on #COVID19, group includes Facebook, LinkedIn, Google, Microsoft, YouTube, and Twitter among others

  • Cybercriminals exploit #COVID19 uncertainty, launch new attacks with trojan and phishing techniques

 

NIST’s External Threats platform identified 31 URLs that appear to be malicious. The platform discovered these URLs by cross-indexing automated searches of the keywords “COVID-19” and “Coronavirus” with malware and phishing detection tools.

COVID-19 Email Spam Statistics

NIST analyzed its spam box feed for the time period of 03/13/2020-03/16/2020. During this four-day period, NIST analyzed 437,887 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 54,847 unique subject lines observed during the reporting period. The spam emails originated from 32,535 unique sending email addresses and 44,165 unique SMTP IP Addresses. Analysts identified 536 emails, which sent an executable file for Windows machines.

March 18, 2020 Digital Exploitation Highlights

  • Attorney General Barr prioritized prosecuting cybercriminals exploiting COVID19.

  • NIST discovers top 25 phishing subject lines, COVID19 exploit tactics

  • NIST identifies top subjects when used with executable attachments

  • NIST pinpoints most common COVID19 SPAM origins, United States leads the list

 

COVID-19 Email Spam Statistics

NIST analyzed its spam box feed for the time period of 03/17/2020-03/18/2020. During this period, NIST analyzed 215,490 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 20,131 unique subject lines observed during the reporting period. The spam emails originated from 15,198 unique sending email domains and 22,425 unique SMTP IP Addresses. Analysts identified 1,232 emails that sent an executable file for Windows machines.

March 19, 2020 Digital Exploitation Highlights

  • DDoS attack on the US Department of Health and Human Services (HHS) website on Sunday is now believed to be part of a coordinated campaign

  • Russian media have deployed a “significant disinformation campaign” against the West to worsen the impact of the coronavirus, generate panic and sow distrust

  • Hackers are exploiting the COVID-19 outbreak to spread their own infections

  • Thousands of COVID-19 scams and malware sites are being created on a daily basis. NIST saw more than 13.5K suspicious domains on 3/15; more than 35K domains the next day; and more than 17K domains the day after that

  • TrickBot and Emotet Trojans have started to add text from COVID-19 news stories to attempt to bypass security software using artificial intelligence and machine learning to detect malware

  • Cybercriminals continue to take advantage of the increased communication about COVID-19 by lacing mobile applications with a trojan

  • Some ransomware operators claim they will no longer target health and medical organizations

  • Federal Deposit Insurance Corporation (FDIC) issued a statement Wednesday warning about an increase in scams trying to sow distrust in the U.S. financial system

  • Federal Trade Commission (FTC) warned consumers on Wednesday about possible scams related to the US government plans to send money by check or direct deposit

  • Twitter updated its safety policy to prohibit tweets that “could place people at a higher risk of transmitting COVID-19.”

 

COVID-19 Email Spam Statistics

NIST analyzed its spam box feed for the time period of 03/18/2020-03/19/2020. During this period, NIST analyzed 268,382 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 20,271 unique subject lines observed during the reporting period. The spam emails originated from 14,279 unique sending email domains and 20,962 unique SMTP IP Addresses. Analysts identified 1,099 emails that sent an executable file for Windows machines.

March 20, 2020 Digital Exploitation Highlights

  • FBI announced that with the “significant spike” in scams across the nation it anticipates criminals will zero in on three states with high rates of infections: WA, CA and NY.

  • Secretary of State Pompeo accused China, Russia, and Iran of carrying out disinformation campaigns related to COVID-19

  • Ongoing phishing campaign delivering emails written to appear as official messages from the Director-General of the World Health Organization (WHO). Emails actively spread HawkEye malware payloads onto the devices of unsuspecting victims.

  • US government is in active talks with FacebookGoogle and a wide array of tech companies and health experts about how it can use data gleaned from Americans’ phones to combat COVID-19, including tracking whether people are maintaining a safe distance from one another. Israel and China already use similar technology to combat the spread.

​​

COVID-19 Email Spam Statistics

NIST analyzed its spam box feed for the time period of 03/19/2020-03/20/2020. During this period, NIST analyzed 202,558 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 20,387 unique subject lines observed during the reporting period. The spam emails originated from 14,232 unique sending email domains and 20,337 unique SMTP IP Addresses. Analysts identified 1,558 emails that sent an executable file for Windows machines.

March 21, 2020 Digital Exploitation Highlights

  • Sentinel Labs researchers reported yesterday that they have seen a significant number of malware campaigns, spam campaigns, and scams related to COVID-19. They have identified scams where multiple dark web sites claim to sell COVID-19 supplies (masks, sanitization and cleaning supplies) directly for bitcoin. In reality, the scammer collects the money and does not deliver anything. Other bogus sites are claiming to sell non-existent vaccines and charging victims $5,000. They also observed criminals selling COVID-19 malware/phishing ‘kits’ for less than $1,000.

  • Interpol arrested 121 individuals during an international operation, dubbed Operation Pangea XIII, aimed to counter the illegal online sale of medical supplies and medicine; more than 90 nations took part in the operation. Authorities found over 2,000 online advertisements relating to COVID-19. Interpol said in a statement it seized more than 34,000 counterfeit, unauthorized, and substandard products, including masks and antiviral medications.

​​

COVID-19 Email Spam Statistics

NIST analyzed its spam box feed for the time period of 03/20/2020-03/21/2020. During this period, NIST analyzed 193,133 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 39,760 unique subject lines observed during the reporting period. The spam emails originated from 14,127 unique sending email domains and 22,439 unique SMTP IP Addresses. Analysts identified 135 emails that sent an executable file for Windows machines.

 

March 22, 2020 Digital Exploitation Highlights

  • Video chat company Zoom alerted customers to a security issue where outsiders have been hijacking group chats by taking advantage of a screen-sharing function to show lewd content. Zoom offered some ways to secure its video conference tool from “Zoombombing”: only allow the host to screen share, password protect your meetings, and lock the meeting once all participants have joined.

​​

COVID-19 Email Spam Statistics

NIST analyzed its spam box feed for the time period of 03/21/2020-03/22/2020. During this period, NIST analyzed 160,648 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 27,560 unique subject lines observed during the reporting period. The spam emails originated from 15,980 unique sending email domains and 21,070 unique SMTP IP Addresses. Analysts identified 2 emails which sent an executable file for Windows machines.

 

March 23, 2020 Digital Exploitation Highlights

  • The Department of Justice raised its first federal court action against online fraud relating to COVID-19. According to ThreatPost reporting, the website, “coronavirusmedicalkit.com,” offered to give away free vaccine kits that it claimed were manufactured by the World Health Organization. In reality, the cybercriminals first asked buyers to input their payment card information on the website in order to pay a shipping charge of $4.95. Then, they would steal that credit card and personal information.

​​

COVID-19 Email Spam Statistics

NIST analyzed its spam box feed for the time period of 03/22/2020-03/23/2020. During this period, NIST analyzed 243,881 spam emails containing either “*corona*” or “*covid*” in the subject line. There were 38,698 unique subject lines observed during the reporting period. The spam emails originated from 40,849 unique sending email domains and 22,567 unique SMTP IP Addresses. Analysts identified 237 emails which sent an executable file for Windows machines.

© 2018 First Consulting, Inc.  All rights reserved.