Coronavirus-themed cyberattacks & phishing dropped, says Microsoft

Coronavirus-themed cyberattacks & phishing dropped, says Microsoft

In the past months, the coronavirus is not the only virus we have battled with. Many have also battled with a virtual virus that has been wreaking havoc on our computers.

Cyberattacks and phishing campaigns related to COVID-19 reached their highest levels in March. However, the rate of these attacks has tremendously declined in recent weeks, according to Microsoft’s Threat Protection Intelligence Team.

Malware, phishing related COVID-19 attacks have declined

Malware, phishing related COVID-19 attacks have declined
Malware, phishing related COVID-19 attacks have declined

It’s no surprise that cybercrooks have taken advantage of the coronavirus pandemic crisis, launching coronavirus-themed cyberattacks. But new research from Microsoft has given a greater glimpse into this behavior.

In early March, we have seen the peak of the exploitation of cybercriminals. However, it has made a significant drop after that and has reached a steady baseline in early April.

According to Microsoft’s report, cybercriminals started launching COVID-19 related opportunistic campaigns after the World Health Organization revealed the COVID-19 pandemic on February 11. “The week following that declaration saw these attacks increase eleven-fold,” the report said.

Trend of the COVID-19 themed cyberattacks
The trend of the COVID-19 themed cyberattacks

“While this was below two percent of overall attacks Microsoft saw each month, it was clear that cybercriminals wanted to exploit the situation,” the report added. “People around the world were becoming aware of the outbreak and were actively seeking information and solutions to combat it.”

Cyber-criminals have taken advantage of the pandemic

At the start of March, many countries around the world began imposing strict lockdown measures to contain the spread of the virus, and that is when the coronavirus-themed attacks have peaked.

It is clear that these criminals have been leveraging the global pandemic to launch effective attacks. According to Microsoft, the overall trend of malware detections worldwide, coronavirus-related or not, did not vary significantly during this time and was a blip in the total volume of threats we typically see in a month.

The trend of the overall global attacks vs COVID-19 related attacks
The trend of the overall global attacks vs COVID-19 related attacks

And you know what’s more interesting? Hackers did not reinvent new ways when it came to releasing attacks during this period.

The report says, “Looking through Microsoft’s broad threat intelligence on endpoints, email and data, identities, and apps, we concluded that this surge of Covid-19 themed attacks was really a repurposing from known attackers using existing infrastructure and malware with new lures.”

Microsoft went ahead to call these attacks “opportunistic” adding that they targeted key industries as well as people working to address the pandemic. And what’s worse? These attacks have preyed on people’s concerns and confusion amidst the pandemic.

“Cybercriminals are adaptable and always looking for the best and easiest ways to gain new victims. Commodity malware attacks, in particular, are looking for the biggest risk-versus-reward payouts,” says Microsoft.

“The industry sometimes focuses heavily on advanced attacks that exploit zero-day vulnerabilities, but every day the bigger risk for more people is being tricked into running unknown programs or Trojanized documents.”


The report has mainly focused on three countries: the U.S., UK, and South Korea. These three countries saw Covid-19 attacks peak simultaneously. But perpetrators are going smart with it as they also tailored attacks to headlines in different parts of the world.

An example of this is when the UK saw its first coronavirus fatality was announced, and again when the Prime Minister ended up in the ICU because of the virus.

Microsoft then heeds warning for organizations and businesses to take this time to strengthen security posture through “educating end-users about spotting phishing and social engineering attacks.”

Leave a Reply

Your email address will not be published. Required fields are marked *