The jump in employees working from home to stop the spread of Covid-19 coronavirus has created an unwanted side effect.
“The bad guys at the moment are going nuts with coronavirus scams,” Stu Sjouwerman, CEO of Clearwater cybersecurity training firm KnowBe4, told the St. Pete Catalyst. “We see three to four times more scams related to coronavirus.”
The Official Cybercrime Report from Cybersecurity Ventures estimates cybercrime damage costs may double due to the Covid-19 outbreak.
The scams take the form of malicious emails, or phishing attempts — the fraudulent practice of sending emails purporting to be from reputable companies or sources, but intended to get individuals to reveal personal information, such as passwords or credit card numbers.
The problem is compounded when individuals use personal devices that may be infected with malware to log onto their companies’ networks, because the malware can spread companywide, according to ChannelFutures, quoting Rob Cheng, CEO and founder of PCMatic, a Myrtle Beach, South Carolina company that makes antivirus software.
KnowBe4 has seen Covid-19 phishing scams in three waves. Initially, there were messages that purported to come from the World Health Organization and the Centers for Disease Control. The second wave saw cyber criminals trying new approaches to trick users into clicking on malicious content. Now, KnowBe4 researchers are seeing standard phishing templates repurposed into coronavirus-related phishing scams. [Scroll down to see examples of Covid-19 phishing attacks KnowBe4 has seen.]
CyberFlorida at the University of South Florida separately issued a warning about increased Office 365 phishing attacks related to Covid-19.
“Attackers are sending spoofed emails that mimic Office 365 services, prompting users to click links and enter their credentials, allowing attackers access to their systems. Most recently, an attacker created an email that appeared to be from a university’s health team with a URL link that mimicked an Office 365 login page and prompted users to log in,” a March 21 report from CyberFlorida said.
Among the recommendations in the CyberFlorida report are multi-factor authentication, password managers, the use of virtual private networks and phishing awareness training.
Employees working from home are more vulnerable to phishing schemes, Sjouwerman said.
“They’re not in their normal environment. It’s a little uncomfortable. It’s unprecedented, so they might click on stuff much quicker than they would in the office when they are in a familiar environment and they know it’s the business, I have to be careful, think before you click,” he said.
One scam might involve an email purporting to be from human resources in the employee’s own organization with the subject line, “New corona deaths in this district” and urging the reader to click for a map to see where those deaths were occurring.
“You would have to be pretty good to not click that link,” Sjouwerman said.
KnowBe4 last week mobilized its own entire workforce of 884 global employees — including about 700 in downtown Clearwater — to work from home, beginning March 18. I met with Sjouwerman Friday in the company’s new executive office in downtown Clearwater — empty except for a few security and cleaning personnel. I had to get a temperature scan to make sure I wasn’t showing symptoms before I could go into the office, we bumped elbows instead of shaking hands, and we sat a few feet apart across a conference table as we talked.
Sjouwerman said KnowBe4 is well-positioned to help keep organizations with employees working from home safe.
The fast-growing company — the Tampa-St. Petersburg area’s first technology unicorn, valued at $1 billion — offers security awareness and simulated phishing platforms to train workers to become human firewalls to stop cyberattacks.
Many companies are facing business interruptions, and March is “a little slow,” Sjouwerman said, adding, “We are still making our numbers.” The company has had 27 consecutive quarters of sales gains and he still expects the first quarter of 2020 to top the fourth quarter of 2019.
“We haven’t seen our volumes go down all that much,” Sjouwerman said. “We were already dealing with many hundreds of prospects and those people understand this is important. In many cases we find our companies are allocating more cybersecurity budget because of this situation.”
Sjouwerman is certain a recession is coming, but also does not believe that will hurt KnowBe4. He said he’s opened and grown companies in the midst of other recessions. I’ll have more about KnowBe4’s growth plans in an upcoming report.
Here are examples of phishing emails related to coronavirus that KnowBe4 has seen.