Barracuda researchers have seen a steady increase in the number of coronavirus or COVID-19-related spear-phishing attacks since January 2020, but they have observed a recent spike in this type of attack, up 667-percent since the end of February 2020.

Between March 1 and March 23, 2020 Barracuda Sentinel has detected 467,825 spear-phishing email attacks, and 9,116 of those detections were related to COVID-19, representing about 2 percent of attacks, says Fleming Shi, Chief Technology Officer at Barracuda. In comparison, a total of 1,188 coronavirus-related spear-phishing attacks were detected in February, and just 137 were detected in January, he adds. Although the overall number of these attacks is still low compared to other threats, the threat is growing quickly, he warns. 

Image courtesy of Barracuda

Barracuda researchers have seen three main types of phishing attacks using coronavirus COVID-19 themes — scamming, brand impersonation, and business email compromise. Of the coronavirus-related attacks detected by Barracuda Sentinel through March 23, 54 percent were scams, 34 percent were brand impersonation attacks, 11 percent were blackmail, and 1 percent are business email compromise.

Image courtesy of Barracuda

Phishing attacks using COVID-19 as a hook are quickly getting more sophisticated, Shi says. In the past few days, Barracuda researchers have seen a significant number of blackmail attacks popping up and a few instances of conversation hijacking.

"In comparison, until just a few days ago we were primarily seeing mostly scamming attacks. As of March 17, the breakdown corona-virus phishing attacks detected by Barracuda Sentinel, 77 percent were scams, 22 percent were brand impersonation, and 1 were business email compromise. We expect to see this trend toward more sophisticated attacks continue," Shi adds. 

Goals of the attacks ranged from distributing malware to stealing credentials, and financial gain. One new type of ransomware Barracuda systems detected has even taken on the COVID-19 namesake and dubbed itself CoronaVirus.

Barracuda also noticed one blackmail attack that claimed to have access to personal information about the victim, know their whereabouts, and threatened to infect the victim and their family with coronavirus unless a ransom was paid. Barracuda Sentinel detected this particular attack 1,008 times over the span of two days.

For the full blog and for more information, visit https://blog.barracuda.com/2020/03/26/threat-spotlight-coronavirus-related-phishing/