The top cybersecurity agency in Canada has started taking down over 1,000 "malicious imitation" websites trying to scam people or misinform them about the financial aid programs put in place by the government.
The agency has also noticed phishing attempts from people impersonating public health officials—even some coming from state-sponsored actors.
A recent report by the Communications Security Establishment (CSE) found that fake Government of Canada websites have been set up by cybercriminals in the last two months. Most of them pretending they are the Canadian Revenue Agency or somehow linked to the Canada Emergency Response Benefit (CERB).
These websites have been called “convincing copies” of official websites with cyber actors attempting to manipulate people into sharing personal financial information. CSE said it is working to put an end to these them.
These sites make up some of the over 120,000 newly registered coronavirus themed domains found by the agency in the last month. The agency notes that cyber actors are also sending people links that, when clicked, download information-stealing and malicious software.
In the May 26 report, the agency said that the majority of phishing attempts deliver malware “associated with either state-sponsored groups or well-known cybercriminals.”
“Canadian public health responses and initiatives are being repurposed by state-sponsored cyber threat actors and cybercriminals as COVID-19 lures for the purpose of targeting Canadians and Canadian organizations,” the report said.
In one incident on March 10, phishing emails pretending to be the Public Health Agency of Canada’s Chief Public Health Officer Dr. Theresa Tam, embedded malware from a link called “important COVID-19 update.”
Other examples show emails with medical supply advertisements or asking for donations.
“Cyber threat actors know that affected populations are anxious about the future and less likely to act prudently when presented with emails, SMS messages, or advertisements involving COVID-19 that would otherwise seem suspicious,” the agency said.
The agency anticipates more of these attacks as long as coronavirus is a public health concern.
“Cybercriminals appear to be becoming more adept at targeting severely affected regions and municipalities with COVID-19 lures as well. As social distancing efforts begin to ‘plank the curve’ and the wider public grows increasingly anxious for a return to normalcy, we expect that cybercriminals will likely begin crafting phishing lures which play on an increased appetite for information around COVID-19 vaccine development and production,” reads the report.
These findings come only weeks after a joint statement was issued with CSE and the Canadian Security Intelligence Service (CSIS) waring that coronavirus research that has been conducted throughout the country is seeing an “elevated level of risk” for malicious activity such as foreign backed hacking.
CSE says it has found two attempts to gain access to Canadian research into coronavirus. Both of the incidents took place in April.
Another incident took place involving a Canadian biopharmaceutical company that was faced with a foreign cyber threat actor “almost certainly attempting to steal its intellectual property.”
CSE said that though “traditional espionage activities” have been limited due to travel restrictions and physical distancing—it is seeing an increase in online operations.
Powered by StructureCMS™ Comments
Join and support independent free thinkers!
We’re independent and can’t be cancelled. The establishment media is increasingly dedicated to divisive cancel culture, corporate wokeism, and political correctness, all while covering up corruption from the corridors of power. The need for fact-based journalism and thoughtful analysis has never been greater. When you support The Post Millennial, you support freedom of the press at a time when it's under direct attack. Join the ranks of independent, free thinkers by supporting us today for as little as $1.
Remind me next month
To find out what personal data we collect and how we use it, please visit our Privacy Policy
Comments