Microsoft published a blog post today explaining how it’s defending Windows users against cyber attacks taking advantage of the novel coronavirus crisis.
This is a serious concern. Email spammers have used COVID-19 to convince people to download malicious attachments, malware distributors have co-opted an infection dashboard created by Johns Hopkins University and other scammers have set up tens of thousands of websites with domain names related to the pandemic.
But the problem shouldn’t be blown out of proportion. “While phishing and other email attacks are indeed happening,” Microsoft said, “the volume of malicious emails mentioning the coronavirus is very small.” That might change as the pandemic continues, but at least for now there don’t appear to be any large-scale attacks.
Microsoft said that 91% of cyber attacks start with email, which is why the company relies on “a multi-layered defense system that includes machine learning, detonation and signal-sharing” to “quickly find and shut down email attacks.” That system analyzes messages, URLs and attachments to determine if they’re a risk.
The company said it was able to shut down a spear-phishing campaign that took advantage of COVID-19 in less than 30 minutes by using this system. It successfully defended people using Microsoft email services via Office 365, Outlook and Exchange servers, as well as PCs running its Microsoft Defender security offering.
Automated systems can’t always catch everything though, which is why Microsoft shared a list of “tell-tale signs” an email is part of a phishing campaign that includes:
These “tell-tale signs” don’t just apply to phishing attempts taking advantage of the COVID-19 pandemic; they can also help people avoid other types of malicious attacks against them. Hopefully, we can one day reach the point where nobody has to be reminded of these basic warning signs.