There has been a two-fold increase in the number of phishing attacks by websites posing as online video streaming platform Netflix since the middle of February, according to a Check Point Research report.
The intelligence arm of cybersecurity solutions provider Check Point Software Technologies based the observations in the report on data sourced from ThreatCloud, a cloud-based security intelligence repository, the company said.
“Most of these sites were registered in recent months, including domains that use the official name of the virus given by the World Health Organization (such as) netflixcovid19s.com. Some of these websites offer payment options in an attempt to fraudulently extract user details and payment credentials,” the report said.
Read: Hackers ride the Covid-19 wave as more people spend time online: Check Point Additionally, researchers at the Tel Aviv-based firm found that over 51,000 Coronavirus-related domains have been registered since the beginning of January, it said.
Over the past two weeks, 30,103 new Coronavirus-related domains have been registered, of which 131 are malicious and 2,777 are suspicious and under investigation, it said. About 2,600 Covid-19 related cyberattacks occur each day -- in fact, on March 28 alone, there were 5,000 such attacks, it added.
“As the number of physical casualties increase, so is the number of cyberattacks relating to the virus. We can expect this trend to continue in the near term,” Omer Dembinsky, data manager of threat intelligence at Check Point, said.
Interestingly, the overall number of cyberthreat activities in organisation networks dropped 17% on a monthly basis from January and March, it said.
“Clearly, hackers are shifting their resources away from targeting businesses, as most of us are now working from home, and towards activities that can reach us directly in our homes, such as Zoom and Netflix. It will be important for us all to exercise good cyber hygiene and be extra cautious when receiving documents or links,” Dembinsky said.
Domains registered with the ‘Zoom’ word have also seen a spike, as the remote conferencing services platform has gained popularity amid the lockdown.
“Over 1,700 new ‘Zoom’ domains have been registered since the advent of the Coronavirus pandemic, 25% of which were registered in the past week,” the company said.
In January, Check Point reported a security flaw in Zoom, through which a hacker could eavesdrop into calls on the platform by generating and guessing random numbers allocated to Zoom conference URLs. However, the flaw has since been fixed, it said.
In January, it also uncovered multiple vulnerabilities in popular short video platform TikTok. It found that an attacker could potentially manipulate content on user accounts and extract confidential personal information such as email addresses and birthdates. TikTok said it fixed the vulnerabilities after Check Point’s intimation.