• by Ray Schultz , September 21, 2020

COVID-19 may be disrupting legitimate businesses, but bad actors seem inspired by it, according to a study from F-Secure. 

Starting in March and running through the spring, there has been a significant uptick in malicious emails exploiting COVID-19. 

The scams include offers of face masks from phony websites. 

Email was the most popular way of spreading malware, accounting for half of all attempts.

Three-fourths of the attachments in such emails have contained infostealers a form of malware that steals passwords and other sensitive data. 

Lokibot was the most common malware family, and Telnet and SSH were the most frequently scanned ports, the study reports.

The most-spoofed industry was finance, and Facebook the most-spoofed brand name. 

"Cyber criminals don't have many operational constraints, so they can quickly respond to breaking events and incorporate them into their campaigns,” concludes Calvin Gan, a manager with F-Secure's Tactical Defense unit.