• by Laurie Sullivan  @lauriesullivan, May 5, 2020

The global spread of the COVID-19 pandemic has created not only a health risk in humans, but also risks online. Increases in coronavirus-related spam and impersonation attack campaigns are exploiting the vulnerability of users working at home -- taking advantage of their need for information while many are not behind a VPM or firewall.

Those committing fraud are using spam to offer fake or non-existent goods such as protective masks or COVID-19 cures. To provide a clear picture of how malicious actors are exploiting those opportunities, the Mimecast Threat Intelligence team analyzed key trends in activity during the first 100 days. The monthly volume rose by 33% between January and the end of March 2020.

Spam and opportunistic detection rose 26.3%, while impersonations rose 30.3%, malware rose 35.16%, and blocking of URL clicks rose 55.8%. Lookalike domains are easily forged.

The report suggests a corresponding surge in domain-related abuse in relation to COVID-19 and associated monikers. Mimecast has observed more than 60,000 COVID-19-related registered spoof domains since early January 2020.

The retail industry took the hardest hit, with domain spoofing of major brand websites like Walmart in attempts to steal from unsuspecting buyers as they look to purchase necessities online.

In March 2020, Mimecast began seeing an increase in spoofed airline flight refunds or WHO safety awareness emails that require a login, requesting a phone number that might lead to providing a telephone number and other contact information or to get the recipient to open malicious documents.

The company began seeing 4,500 blocked domains each day by March on several days to conduct fraud and cyber-enabled criminal activity in relation to the virus. Retail sites experienced spoofing vertical has seen spoofing of major retail brand domains to steal from unsuspecting consumers attempting to steal user information.

Since the beginning of the COVID-19 outbreak, Google has been specifically monitoring online behavior in relation to the pandemic to protect advertisers, publishers and users from fraudulent ads.

The company experienced a sharp spike in fraudulent ads for products such as face masks, so the company created a dedicated COVID-19 task force and improved its detection of trends and patterns.

An increase in spam and malicious online attacks seems to have prompted acquisitions.

On Monday, Customer Journey Hijacking Prevention creator Namogoo announced the acquisition of Personali, a company specializing in AI-powered behavioral analytics tools for personalizing in-site incentives. The acquisition is the first of its kind for the Israel-based company. Terms of the deal were not disclosed.

Personali, founded in 2011 with $15 million in funding, builds, optimizes and personalizes offers and discounts at strategic moments as consumers make the journey leading to purchase or taking some type of action related to the brand. The company says it has generated more than $1 billion in sales for global brands.

Namogoo will integrate Personali’s technology into its platform, enhancing the ability to give more control to businesses through the buying process that prevents unauthorized ad injections that attempt to divert sales to competitors, as well as reveal privacy and compliance risks, so they can be stopped. About 150 brands use its platform.

The acquisition will enable Namogoo, which recently raised a $40 million Series C funding round, to offer an improved set of services to new and existing clients, with solutions to increase customer engagement, loyalty, and conversions.