Omicron Phishing Emails | Google Report | Kaspersky Employee Wellbeing 2021 Report
Article by Christopher Lauder, Delegate Relationship Executive, Rela8 Group
Omicron Phishing Emails
To begin this week, let’s look at something which has only just recently hit the headlines but we are already sick and tired of talking about – Omicron!
According to the consumer rights group Which?, scammers aren’t wasting any time at all sending fake emails about the new Omicron variant of the Coronavirus to try and steal personal information and banking details. These phishing emails are trying to manipulate peoples emotions towards this new variant by impersonating the NHS and offering “a free Omicron PCR test today to avoid restrictions”. Of course, this is absolute rubbish.
The website has been reported to the National Cyber Security Centre, however it is expected that more scam texts, emails, and phone calls related to the new Omicron variant will most likely appear in the near future.
Emails have been coming from seemingly legitimate emails, such as one ending in [AT]nhscontact.com. The emails invite you to click on links/buttons which take you to copycat NHS websites. These sites ask you for your full name, DOB, address, mobile, and email address – more than enough information needed to attempt identity fraud.
They also ask for a payment of £1.24 for ‘delivery’ of the new, and non-existent, Omicron tests. Along with this, you need to provide your mothers maiden name, which many customers use as basic security questions to secure their bank accounts.
Keep your eyes peeled for these scams and if you do spot one, you can report it to the NCSC.
Source - Omicron Phishing Campaigns - InfoSec Magazine
Source - Omicron Phishing Campaigns - Which?
Over at Google, their Cybersecurity Action Team has released their Threat Horizons Cloud Threat Intelligence report for November.
Looking at the summary of their observations, they have found that:
"While cloud customers continue to face a variety of threats across applications and infrastructure, many of the successful attacks are due to poor hygiene and a lack of basic control implementation. Most recently, our team has responded to cryptocurrency mining abuse, phishing campaigns, and ransomware. Given these specific observations and general threats, organizations that put emphasis on secure implementation, monitoring and ongoing assurance will be more successful in mitigating these threats or at the very least reduce their overall impact."
Recent attacks they have observed include:
- Compromised Google Cloud instances being used for cryptocurrency mining. Some poorly configured GCP instances are being compromised quickly and being used for cryptocurrency mining and other malicious activity
- A Russian group has launched a Gmail phishing campaign. These attackers who would usually target Yahoo! Users have launched new campaigns against Gmail accounts
- Fraudsters employ new TTP to abuse Cloud resources. Fraudsters sought to abuse Cloud resources to generate traffic to YouTube
- North Korea actors impersonate employment recruiters. Attackers have been impersonating employment recruiters in an attempt to steal credentials
- Black Matter ransomware rises out of DarkSide. Black Matter ransomware found to be formidable; however, it does not exfiltrate data
Source - Google Threat Report - Google Cybersecurity Action Team
Kaspersky Employee Wellbeing 2021 Report
Last week, Kaspersky released the findings of their Global Corporate IT Security Risks Survey (ITSRS), a survey of IT workers which is now in its 11th year. In total, 4,303 interviews were conducted with businesses with more than 50 employees across 31 countries from May to June this year. Some of the key findings include:
- Remote working has led to an increase in workload for 54% of employees, though most people (67%) feel comfortable working remotely
- Despite being separated from colleagues, 61% of employees haven’t noticed any difference when it comes to communicating with their teams, or even feel more connected
- 80% of firms have taken steps to manage employee burnout, but only 45% have implemented solutions that actually help to mitigate the workload
- 42% of SMBs and 43% of enterprises have experienced IT security infringement by employees, while changes to security policies is the most popular measure that companies use to prevent the repetition of data breaches
- Finally, and most alarmingly, almost half of companies (45%) prefer not to disclose leakage of personal employee data publicly. This type of leakage is the least frequently disclosed compared to corporate or customer data breaches
Source - Kaspersky Employee Wellbeing Report - Kaspersky