Author: neil

It seems coronavirus cases because of the new delta variant are not the only ones on the rise, pandemic-related email scams are too.

Researchers at security firm Proofpoint found out that in June, coronavirus related phishing attempts increased 33 percent, compared previously when concerns about the virus temporarily waned. The increase came when Google searches for “delta variant” were peaking. This type of attack will only evolve to reflect new coronavirus concerns.

Phishing is a type of scam where hackers send emails in attempts to trick recipients into clicking a link or attachment. They know that employers or health organizations sending out communication about the coronavirus compels people to click as dictated by their emotion.

In line with this, the tactics have evolved together with the pandemic. When many Americans were out of work, phishing scams focused on unemployment claims as well.

We’re slowly learning to live with ongoing precautions of the pandemic, and the coronavirus, for many, has gone from a novel threat to a banal reality. And by banal, that means employers are asking for negative test results, return-to-work feedback forms and, in some cases, proof of vaccination. That’s certainly fertile ground for phishing and ransomware.

Next time you receive an email with coronavirus updates, or those from fake health organizations asking for proof of vaccination or messages saying you’ve been let go, stop and read closely and check for signs of phishing. Keep an eye out for misspelled Web addresses, grammatical or spelling errors and slightly altered email domains. Also verify requests through a second channel just to be safe. Hackers have poor customer service and won’t go the extra mile in stealing important information. These digital criminals move on to an easier target once there is even the slightest inconvenience.

Internet security watchdog group Citizen Lab said last week, an Israeli spyware company named NSO Group developed a tool to break into Apple products with a never-before-seen technique that defeats security systems designed by Apple in recent years.

The spyware, named Pegasus, used a method to inconspicuously infect Apple devices without being detected by the victims. In the past, we could only learn that our devices were infected by spyware only after receiving a suspicious link texted to our phone or email. But NSO’s zero click remote exploit meant victims received no such warning, and the flaw enabled full access to a person’s digital life. It is considered the Holy Grail of surveillance because it allows governments, lawbreakers and mercenaries to invisibly break into someone’s device without tipping the victim off.

The discovery of this infection means that since March, more than 1.65 billion Apple products in use worldwide have been at risk to NSO’s spyware. Apple’s security team had worked around the clock to develop a fix. Ivan Krstić, Apple’s head of security engineering and architecture, commended Citizen Lab for its findings and urged customers to run the latest software updates for the fixes to take effect, by installing iOS 14.8, MacOS 11.6 and WatchOS 7.6.2.

Later this year, plans to introduce new security defenses for Apple’s texting application iMessage in its next iOS 15 software update, are expected.

On the other hand, NSO did not immediately respond to inquiries.