‘Hack-for-hire’ firms targeting financial services\, healthcare amid COVID-19 pandemic: Google

Technolog

‘Hack-for-hire’ firms targeting financial services, healthcare amid COVID-19 pandemic: Google

“We have seen new activity from ‘hack-for-hire’ firms, many based in India, that have been creating Gmail accounts spoofing the WHO.”

‘Hack-for-hire’ firms, many of them based in India, are creating accounts spoofing the World Health Organization (WHO) and targeting business leaders in financial services, consulting, and healthcare corporations in the U.S., the U.K. and Bahrain among other countries amid the COVID-19 pandemic, according to a report by Google.

The tech giant noted that numerous coronavirus-themed attacks have been discovered and confirmed by its teams as the COVID-19 pandemic has disrupted people’s lives and businesses across the world.

Citing an example of one such form of attack, Google said, “We have seen new activity from ‘hack-for-hire’ firms, many based in India, that have been creating Gmail accounts spoofing the WHO.”

“The accounts have largely targeted business leaders in financial services, consulting, and healthcare corporations within numerous countries including the U.S., Slovenia, Canada, India, Bahrain, Cyprus, and the U.K.,” Google said in a recent blogpost.

These e-mails encourage individuals to sign up for direct notifications from the WHO to stay informed of coronavirus-related announcements, and include a link to attacker-hosted websites that bear a strong resemblance to the official WHO website, the blog explained.

The sites typically feature fake login pages that prompt potential victims to give up their Google account credentials, and occasionally encourage individuals to give up other personal information, such as their phone numbers, it added.

Google said its Advanced Protection Program (APP) uses hardware security keys and provides the strongest protections available against phishing and account hijackings to help protect users against these kinds of tracks, and was specifically designed for high-risk accounts.

“Generally, 2020 has been dominated by COVID-19. The pandemic has taken centre stage in people’s everyday lives, in the international news media, and in the world of government-backed hacking,” the blog said.

Microsoft had also recently highlighted a similar trend. It had stated that cybercrooks are using COVID-19 to make ransomware and phishing attacks, and over 9,000 coronavirus-themed attacks were noticed in India between February 2 and May 2. About 19 million such attacks were noted in Asia.

A letter from the Editor

Dear reader,

We have been keeping you up-to-date with information on the developments in India and the world that have a bearing on our health and wellbeing, our lives and livelihoods, during these difficult times. To enable wide dissemination of news that is in public interest, we have increased the number of articles that can be read free, and extended free trial periods. However, we have a request for those who can afford to subscribe: please do. As we fight disinformation and misinformation, and keep apace with the happenings, we need to commit greater resources to news gathering operations. We promise to deliver quality journalism that stays away from vested interest and political propaganda.

Support Quality Journalism
Next Story